The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) prior to 3.13.4, as used in Firefox 4.x up to and including 12.0, Firefox ESR 10.x prior to 10.0.5, Thunderbird 5.0 up to and including 12.0, Thunderbird ESR 10.x prior to 10.0.5, and SeaMonkey prior to 2.10, allows remote malicious users to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 4.0 |
||
mozilla firefox 5.0 |
||
mozilla firefox 5.0.1 |
||
mozilla firefox 8.0.1 |
||
mozilla firefox 9.0.1 |
||
mozilla firefox esr 10.0 |
||
mozilla firefox esr 10.0.1 |
||
mozilla thunderbird 6.0.2 |
||
mozilla thunderbird 7.0.1 |
||
mozilla thunderbird 10.0.1 |
||
mozilla thunderbird 10.0 |
||
mozilla thunderbird 10.0.4 |
||
mozilla thunderbird esr 10.0.4 |
||
mozilla seamonkey |
||
mozilla seamonkey 2.8 |
||
mozilla seamonkey 2.7 |
||
mozilla seamonkey 2.6.1 |
||
mozilla seamonkey 2.5 |
||
mozilla seamonkey 2.4 |
||
mozilla seamonkey 2.3 |
||
mozilla firefox 7.0 |
||
mozilla firefox 8.0 |
||
mozilla firefox 12.0 |
||
mozilla thunderbird 6.0 |
||
mozilla thunderbird 6.0.1 |
||
mozilla thunderbird 10.0.2 |
||
mozilla thunderbird 10.0.3 |
||
mozilla thunderbird esr 10.0.2 |
||
mozilla thunderbird esr 10.0.3 |
||
mozilla seamonkey 2.6 |
||
mozilla seamonkey 2.4.1 |
||
mozilla seamonkey 2.3.1 |
||
mozilla seamonkey 2.3.2 |
||
mozilla seamonkey 2.1 |
||
mozilla seamonkey 2.0.8 |
||
mozilla seamonkey 2.0.7 |
||
mozilla seamonkey 2.0.13 |
||
mozilla seamonkey 2.0.10 |
||
mozilla seamonkey 2.0 |
||
mozilla seamonkey 1.1.17 |
||
mozilla seamonkey 1.1.7 |
||
mozilla seamonkey 1.1.12 |
||
mozilla seamonkey 1.1 |
||
mozilla seamonkey 1.5.0.9 |
||
mozilla seamonkey 1.0.9 |
||
mozilla seamonkey 1.1.13 |
||
mozilla network security services |
||
mozilla network security services 3.12.2 |
||
mozilla network security services 3.7.3 |
||
mozilla network security services 3.7.5 |
||
mozilla network security services 3.4.1 |
||
mozilla network security services 3.4.2 |
||
mozilla network security services 3.2 |
||
mozilla network security services 3.9 |
||
mozilla firefox 4.0.1 |
||
mozilla firefox 6.0 |
||
mozilla firefox 6.0.2 |
||
mozilla firefox 9.0 |
||
mozilla firefox 10.0.2 |
||
mozilla firefox 10.0 |
||
mozilla firefox esr 10.0.2 |
||
mozilla firefox esr 10.0.3 |
||
mozilla thunderbird 7.0 |
||
mozilla thunderbird 8.0 |
||
mozilla thunderbird 11.0 |
||
mozilla thunderbird 12.0 |
||
mozilla seamonkey 2.9 |
||
mozilla seamonkey 2.3.3 |
||
mozilla seamonkey 2.2 |
||
mozilla seamonkey 2.0.6 |
||
mozilla seamonkey 2.0.5 |
||
mozilla seamonkey 1.1.19 |
||
mozilla seamonkey 1.1.14 |
||
mozilla seamonkey 1.1.15 |
||
mozilla seamonkey 1.1.11 |
||
mozilla seamonkey 1.0 |
||
mozilla seamonkey 1.1.4 |
||
mozilla seamonkey 1.0.6 |
||
mozilla seamonkey 1.5.0.10 |
||
mozilla seamonkey 1.0.5 |
||
mozilla seamonkey 1.0.4 |
||
mozilla network security services 3.6.1 |
||
mozilla network security services 3.7 |
||
mozilla network security services 3.3 |
||
mozilla network security services 3.3.1 |
||
mozilla network security services 3.11.2 |
||
mozilla network security services 3.11.5 |
||
mozilla firefox 6.0.1 |
||
mozilla firefox 7.0.1 |
||
mozilla firefox 10.0.1 |
||
mozilla firefox 11.0 |
||
mozilla firefox esr 10.0.4 |
||
mozilla thunderbird 5.0 |
||
mozilla thunderbird 9.0.1 |
||
mozilla thunderbird 9.0 |
||
mozilla thunderbird esr 10.0 |
||
mozilla thunderbird esr 10.0.1 |
||
mozilla seamonkey 2.7.1 |
||
mozilla seamonkey 2.7.2 |
||
mozilla seamonkey 2.0.2 |
||
mozilla seamonkey 2.0.1 |
||
mozilla seamonkey 2.0.12 |
||
mozilla seamonkey 2.0.4 |
||
mozilla seamonkey 1.1.18 |
||
mozilla seamonkey 1.1.8 |
||
mozilla seamonkey 1.1.6 |
||
mozilla seamonkey 1.1.9 |
||
mozilla seamonkey 1.1.5 |
||
mozilla seamonkey 1.5.0.8 |
||
mozilla seamonkey 1.1.3 |
||
mozilla seamonkey 1.1.2 |
||
mozilla seamonkey 1.0.3 |
||
mozilla seamonkey 1.0.2 |
||
mozilla network security services 3.7.1 |
||
mozilla network security services 3.7.2 |
||
mozilla network security services 3.3.2 |
||
mozilla network security services 3.4 |
||
mozilla network security services 3.11.4 |
||
mozilla network security services 3.2.1 |
||
mozilla seamonkey 2.0.11 |
||
mozilla seamonkey 2.0.9 |
||
mozilla seamonkey 2.0.14 |
||
mozilla seamonkey 2.0.3 |
||
mozilla seamonkey 1.1.16 |
||
mozilla seamonkey 1.1.1 |
||
mozilla seamonkey 1.1.10 |
||
mozilla seamonkey 1.0.8 |
||
mozilla seamonkey 1.0.7 |
||
mozilla seamonkey 1.0.1 |
||
mozilla network security services 3.12.1 |
||
mozilla network security services 3.12 |
||
mozilla network security services 3.7.7 |
||
mozilla network security services 3.8 |
||
mozilla network security services 3.5 |
||
mozilla network security services 3.6 |
||
mozilla network security services 3.11.3 |