CVE-2017-11698 – NSS Buffer Overflows / Floating Point Exception
https://notcve.org/view.php?id=CVE-2017-11698
Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. Desbordamiento de búfer basado en memoria dinámica (heap) en la función __get_page en lib/dbm/src/h_page.c en Mozilla Network Security Services (NSS) permite que atacantes dependientes del contexto provoquen un impacto no especificado empleando un archivo cert8.db manipulado. Network Security Services (NSS) suffers from a floating point exception and multiple heap buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html http://seclists.org/fulldisclosure/2017/Aug/17 http://www.geeknik.net/9brdqk6xu http://www.securityfocus.com/bid/100345 http://www.securitytracker.com/id/1039153 https://security.gentoo.org/glsa/202003-37 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-11695 – NSS Buffer Overflows / Floating Point Exception
https://notcve.org/view.php?id=CVE-2017-11695
Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. Desbordamiento de búfer basado en memoria dinámica (heap) en la función alloc_segs en lib/dbm/src/hash.c en Mozilla Network Security Services (NSS) permite que atacantes dependientes del contexto provoquen un impacto no especificado empleando un archivo cert8.db manipulado. Network Security Services (NSS) suffers from a floating point exception and multiple heap buffer overflow vulnerabilities. • http://packetstormsecurity.com/files/143735/NSS-Buffer-Overflows-Floating-Point-Exception.html http://seclists.org/fulldisclosure/2017/Aug/17 http://www.geeknik.net/9brdqk6xu http://www.securityfocus.com/bid/100345 http://www.securitytracker.com/id/1039153 https://security.gentoo.org/glsa/202003-37 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-7502 – nss: Null pointer dereference when handling empty SSLv2 messages
https://notcve.org/view.php?id=CVE-2017-7502
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. Se ha encontrado una vulnerabilidad de desreferencia de puntero NULL en NSS desde la versión 3.24.0 en la que el servidor recibe mensajes SSLv2 vacíos, lo que da lugar a una denegación de servicio (DoS) por parte de atacantes remotos. A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the NSS library. • http://www.debian.org/security/2017/dsa-3872 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/98744 http://www.securitytracker.com/id/1038579 https://access.redhat.com/errata/RHSA-2017:1364 https://access.redhat.com/errata/RHSA-2017:1365 https://access.redhat.com/errata/RHSA-2017:1567 https://access.redhat.com/errata/RHSA-2017:1712 https://hg.mozilla.org/projects/nss/rev/55ea60effd0d https://access.redhat.com/security • CWE-476: NULL Pointer Dereference •
CVE-2017-5462
https://notcve.org/view.php?id=CVE-2017-5462
A flaw in DRBG number generation within the Network Security Services (NSS) library where the internal state V does not correctly carry bits over. The NSS library has been updated to fix this issue to address this issue and Firefox ESR 52.1 has been updated with NSS version 3.28.4. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. Error en la generación de números DRBG en la biblioteca Network Security Services (NSS) cuando el V de estado interno no transporta bits correctamente. La biblioteca NSS ha sido actualizada para solucionar este problema y Firefox ESR 52.1 ha sido actualizado con la versión 3.28.4 de NSS. • http://www.securityfocus.com/bid/97940 http://www.securitytracker.com/id/1038320 https://bugzilla.mozilla.org/show_bug.cgi?id=1345089 https://security.gentoo.org/glsa/201705-04 https://www.debian.org/security/2017/dsa-3831 https://www.debian.org/security/2017/dsa-3872 https://www.mozilla.org/security/advisories/mfsa2017-10 https://www.mozilla.org/security/advisories/mfsa2017-11 https://www.mozilla.org/security/advisories/mfsa2017-12 https://www.mozilla.org/security/advisories • CWE-682: Incorrect Calculation •
CVE-2017-5461 – nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)
https://notcve.org/view.php?id=CVE-2017-5461
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations. Los servicios de Seguridad de Red de Mozilla (Network Security Services o NSS) en versiones anteriores a la 3.21.4, versiones de las 3.22.x a las 3.28.x anteriores a la 3.28.4, versiones 3.29.x anteriores a la 3.29.5 y versiones 3.30.x anteriores a la 3.30.1 permiten que atacantes remotos provoquen una denegación de servicio (escritura fuera de límites) o que, probablemente, causen otro impacto no especificado aprovechando operaciones en base64 incorrectas. An out-of-bounds write flaw was found in the way NSS performed certain Base64-decoding operations. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library. • http://www.debian.org/security/2017/dsa-3831 http://www.debian.org/security/2017/dsa-3872 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/98050 http://www.securitytracker.com/id/1038320 https://access.redhat.com/errata/RHSA-2017:1100 https://access.redhat.com/errata/RHSA-2017:1101 https://access.redhat.com/errata/RHSA-2017:1102 https://access. • CWE-787: Out-of-bounds Write •