CVSS: 4.3EPSS: 0%CPEs: 24EXPL: 1CVE-2014-1491 – nss: Do not allow p-1 as a public DH value (MFSA 2014-12)
https://notcve.org/view.php?id=CVE-2014-1491
Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value. Mozilla Network Security Services (NSS) anterior a 3.15.4, utilizado en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3, SeaMonkey anterior a 2.24 y otros productos, no restringe debidamente los valores públicos en el intercambio de claves de Diffie-Hellman, lo que facilita a atacantes remotos evadir mecanismos de protección criptográfica en el manejo de tickets mediante el aprovechamiento de un cierto valor. It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. • http://hg.mozilla.org/projects/nss/rev/12c42006aed8 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http&# • CWE-326: Inadequate Encryption Strength CWE-358: Improperly Implemented Security Check for Standard •
CVSS: 9.3EPSS: 1%CPEs: 23EXPL: 0CVE-2014-1490 – nss: TOCTOU, potential use-after-free in libssl's session ticket processing (MFSA 2014-12)
https://notcve.org/view.php?id=CVE-2014-1490
Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket. Condición de carrera en libssl en Mozilla Network Security Services (NSS) anterior a 3.15.4, utilizado en Mozilla Firefox anterior a 27.0, Firefox ESR 24.x anterior a 24.3, Thunderbird anterior a 24.3, SeaMonkey anterior a 2.24 y otros productos, permite a atacantes remotos causar una denegación de servicio (uso después de liberación) o posiblemente tener otro impacto no especificado a través de vectores que involucran una reanudación de handshake que provoca un reemplazo incorrecto de un ticket de sesión. A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.fedoraproject.org/pipermail/package-announce/2014-February/127966.html http://lists.fedoraproject.org/pipermail/package-announce/2014-February/129218.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2014-03 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0CVE-2013-6629 – libjpeg: information leak (read of uninitialized memory)
https://notcve.org/view.php?id=CVE-2013-6629
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. La función get_sos de jdmarker.c en libjpeg 6b y libjpeg-turbo hasta la versión 1.3.0, tal y como se usa en Google Chrome anterior a la versión 31.0.1650.48, Ghostscript y otros productos, no comprueba ciertas duplicaciones de datos de componentes durante la lectura de segmentos que siguen marcadores Start Of Scan (SOS), lo que permite a atacantes remotos obtener información sensible desde localizaciones de memoria sin inicializar a través de una imagen JPEG manipulada. • http://advisories.mageia.org/MGASA-2013-0333.html http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html http://bugs.ghostscript.com/show_bug.cgi?id=686980 http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html http://lists.fedoraproject.org&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-456: Missing Initialization of a Variable •
CVSS: 5.9EPSS: 0%CPEs: 34EXPL: 0CVE-2013-2566
https://notcve.org/view.php?id=CVE-2013-2566
The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. El algoritmo RC4, tal como se usa en el protocolo TLS y protocolo SSL, tiene muchos "single-byte biases", lo que hace que sea más fácil para atacantes remotos realizar ataques de recuperación de texto claro a través de análisis estadístico de texto cifrado en un gran número de sesiones que utilizan el mismo texto claro. • http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html http://cr.yp.to/talks/2013.03.12/slides.pdf http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://marc.info/?l=bugtraq&m=143039468003789&w=2 http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4 http://security.gentoo.org/glsa/glsa-201406-19.xml http://www.isg.rhul.ac.uk/tls http://www.mozilla.org/security/announce/2013/mfsa2013& • CWE-326: Inadequate Encryption Strength •
CVSS: 9.3EPSS: 1%CPEs: 12EXPL: 3CVE-2013-0784
https://notcve.org/view.php?id=CVE-2013-0784
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. Múltiples vulnerabilidades sin especificar en el motor de búsqueda de Mozilla Firefox, Thunderbird antes de v19.0 antes de v17.0.3 y SeaMonkey antes de v2.16 que permite ataques remotos que provocan una denegación de servicios (corrupción de memoria y caída de la aplicación) o posiblemente ejecutar código arbitrario a través de vectores sin especificar. • http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00017.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00062.html http://www.mozilla.org/security/announce/2013/mfsa2013-21.html http://www.ubuntu.com/usn/USN-1729-1 http://www.ubuntu.com/usn/USN-1729-2 http://www.ubuntu.com/usn/USN-1748-1 https://bugzilla.mozilla.org/show_bug.cgi?id=766452 https://bugzilla.mozilla.org/show_bug.cgi?id=790373 https://bugzilla.mozilla.org/show_bug.cgi?id=7979 •