CVE-2016-1978
nss: Use-after-free in NSS during SSL connections in low memory (MFSA 2016-15)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.
Vulnerabilidad de uso después de liberación de memoria en la función ssl3_HandleECDHServerKeyExchange en Mozilla Network Security Services (NSS) en versiones anteriores a 3.21, como se utiliza en Mozilla Firefox en versiones anteriores a 44.0, permite a atacantes remotos causar una denegación de servicio o posiblemente tener otro impacto no especificado llevando a cabo un apretón de manos SSL (1) DHE o (2) ECDHE en un momento de alto consumo de memoria.
A use-after-free flaw was found in the way NSS handled DHE (Diffie–Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-01-20 CVE Reserved
- 2016-03-13 CVE Published
- 2023-06-14 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (22)
| URL | Tag | Source |
|---|---|---|
| http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | X_refsource_confirm |
|
| http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | X_refsource_confirm |
|
| http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/84275 | Vdb Entry | |
| http://www.securityfocus.com/bid/91787 | Vdb Entry | |
| http://www.securitytracker.com/id/1035258 | Vdb Entry | |
| https://bto.bluecoat.com/security-advisory/sa124 | X_refsource_confirm | |
| https://bugzilla.mozilla.org/show_bug.cgi?id=1209546 | X_refsource_confirm | |
| https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | <= 43.0.4 Search vendor "Mozilla" for product "Firefox" and version " <= 43.0.4" | - |
Affected
| in | Mozilla Search vendor "Mozilla" | Network Security Services Search vendor "Mozilla" for product "Network Security Services" | <= 3.20.1 Search vendor "Mozilla" for product "Network Security Services" and version " <= 3.20.1" | - |
Affected
|