Launchpad CVE tracker

CVE 2011-3640

** DISPUTED ** Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor's response was "Strange behavior, but we're not treating this as a security bug."

Related bugs and status

CVE-2011-3640 (Candidate) is related to these bugs:

Bug #315096: signtool -L fails: "libsoftokn3.so: cannot open shared object file: No such file or directory"

Summary				In	Importance	Status
	315096	signtool -L fails: "libsoftokn3.so: cannot open shared object file: No such file or directory"		nss (Ubuntu)	Undecided	Fix Released
	315096	signtool -L fails: "libsoftokn3.so: cannot open shared object file: No such file or directory"		nss (Debian)	Unknown	Fix Released

Bug #613477: Cannot build source package as it cannot find libraries

Summary				In	Importance	Status
	613477	Cannot build source package as it cannot find libraries		nss (Ubuntu)	Undecided	Fix Released

Bug #855424: Typo in description of the package

Summary				In	Importance	Status
	855424	Typo in description of the package		nss (Ubuntu)	Low	Fix Released
	855424	Typo in description of the package		nss (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2011-3640

References