Page 4 of 33 results (0.011 seconds)

CVSS: 7.5EPSS: 7%CPEs: 11EXPL: 0

The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue. La función sec_asn1d_parse_leaf en Mozilla Network Security Services (NSS) en versiones anteriores a 3.19.2.1 y 3.20.x en versiones anteriores a 3.20.1, como se utiliza en Firefox en versiones anteriores a 42.0 y Firefox ESR 38.x en versiones anteriores a 38.4 y otros productos, restringe el acceso de manera incorrecta a una estructura de datos no especificada, lo que permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar código arbitrario a través de datos OCTET STRING manipulados, relacionado con un problema 'use-after-poison'. A use-after-poison flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library. • http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00025.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 0

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors. Mozilla Network Security Services (NSS) anterior a 3.19.1, utilizado en Mozilla Firefox anterior a 39.0, Firefox ESR 31.x anterior a 31.8 y 38.x anterior a 38.1, y otros productos, no realiza correctamente las multiplicaciones Elliptical Curve Cryptography (ECC), lo que facilita a atacantes remotos falsificar firmas ECDSA a través de vectores no especificados. A flaw was found in the way NSS verified certain ECDSA (Elliptic Curve Digital Signature Algorithm) signatures. Under certain conditions, an attacker could use this flaw to conduct signature forgery attacks. • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html http://rhn.redhat.com/errata/RHSA-2015-1664.html http://rhn.redhat.com/errata/RHSA-2015-1699.html http://www.debian.org&#x • CWE-310: Cryptographic Issues CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 4

The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00. La función definite_length_decoder en lib/util/quickder.c en Mozilla Network Security Services (NSS) anterior a 3.16.2.4 y 3.17.x anterior a 3.17.3 no asegura que la codfifcación DER de una longitud ASN.1 está formada correctamente, lo que permite a atacantes remotos realizar ataques del trafico de datos mediante el uso de una secuencia de bytes larga para una codificación, tal y como fue demostrado por el mal manejo de la función SEC_QuickDERDecodeItem de la codificación de longitud arbitraria de 0x00. • http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00033.html http://lists.opensuse.org/opensuse-security-announce/2015-01/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html http://www.debian.org/security/2015/dsa-3186 http://www.intelsecurity.com/resources/wp-berserk-analysis-part-1.pdf http://www •

CVSS: 7.5EPSS: 3%CPEs: 233EXPL: 0

Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue. Mozilla Network Security Services (NSS) anterior a 3.16.2.1, 3.16.x anterior a 3.16.5, y 3.17.x anterior a 3.17.1, utilizado en Mozilla Firefox anterior a 32.0.3, Mozilla Firefox ESR 24.x anterior a 24.8.1 y 31.x anterior a 31.1.1, Mozilla Thunderbird anterior a 24.8.1 y 31.x anterior a 31.1.2, Mozilla SeaMonkey anterior a 2.29.1, Google Chrome anterior a 37.0.2062.124 en Windows y OS X, y Google Chrome OS anterior a 37.0.2062.120, no analiza debidamente los valores ASN.1 en los certificados X.509, lo que facilita a atacantes remotos falsificar las firmas RSA a través de un certificado manipulado, también conocido como un problema de 'maleabilidad de firmas'. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. • http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2014-09&# • CWE-310: Cryptographic Issues CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 10.0EPSS: 10%CPEs: 71EXPL: 0

Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain. Vulnerabilidad de uso después de liberación en la función CERT_DestroyCertificate en libnss3.so en Mozilla Network Security Services (NSS) 3.x, utilizado en Firefox anterior a 31.0, Firefox ESR 24.x anterior a 24.7 y Thunderbird anterior a 24.7, permite a atacantes remotos ejecutar código arbitrario a través de vectores que provocan cierta eliminación indebida de una estructura NSSCertificate de un dominio de confianza. A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. • http://secunia.com/advisories/59591 http://secunia.com/advisories/59719 http://secunia.com/advisories/59760 http://secunia.com/advisories/60083 http://secunia.com/advisories/60486 http://secunia.com/advisories/60621 http://secunia.com/advisories/60628 http://www.debian.org/security/2014/dsa-2986 http://www.debian.org/security/2014/dsa-2996 http://www.mozilla.org/security/announce/2014/mfsa2014-63.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htm • CWE-416: Use After Free •