The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox prior to 20.0, Firefox ESR 17.x prior to 17.0.5, Thunderbird prior to 17.0.5, Thunderbird ESR 17.x prior to 17.0.5, SeaMonkey prior to 2.17, and other products, allows remote malicious users to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla thunderbird |
||
mozilla seamonkey |
||
mozilla thunderbird esr |
||
mozilla firefox esr |
||
mozilla firefox |
||
mozilla network security services |
||
canonical ubuntu linux 11.10 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 10.04 |
||
canonical ubuntu linux 12.04 |
||
oracle vm server 3.2 |
||
redhat enterprise linux server 5.0 |
||
redhat enterprise linux workstation 5.0 |
||
redhat enterprise linux desktop 6.0 |
||
redhat enterprise linux server 6.0 |
||
redhat enterprise linux workstation 6.0 |
||
redhat enterprise linux desktop 5.0 |
||
redhat enterprise linux server aus 5.9 |
||
redhat enterprise linux eus 5.9 |