Debian Bug report logs -
#726473
nss: CVE-2013-1739
Package:
nss;
Maintainer for nss is Maintainers of Mozilla-related packages <team+pkg-mozilla@trackerdebianorg>;
Reported by: Michael Gilbert <mgilbert@debianorg>
Date: Wed, 16 Oct 2013 04:30:02 UTC
Severity: grave
Found in version 2:3143-1
Fixed in versions ...
Synopsis
Important: nss, nspr, and nss-util security update
Type/Severity
Security Advisory: Important
Topic
Updated nss, nspr, and nss-util packages that fix multiple security issuesare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant ...
Synopsis
Important: nss and nspr security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
Updated nss and nspr packages that fix multiple security issues, severalbugs, and add various enhancements are now available for Red Hat EnterpriseLinux 5The Red Hat Security Response ...
A flaw was found in the way the Mozilla Network Security Service library
(nss) read uninitialized data when there was a decryption failure A
remote attacker could use this flaw to cause a denial of service
(application crash) for applications linked with the nss library
The oldstable distribution (squeeze) is not affected by this problem
For the ...
Firefox could be made to crash or run programs as your login if it
opened a malicious website ...
Several security issues were fixed in NSS ...
Several security issues were fixed in Thunderbird ...
Mozilla Foundation Security Advisory 2013-93
Miscellaneous memory safety hazards (rv:250 / rv:241 / rv:17010)
Announced
October 29, 2013
Reporter
Mozilla Developers
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey ...
A flaw was found in the way NSS handled invalid handshake packets A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-5605)
It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read un ...
A flaw was found in the way NSS handled invalid handshake packets A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-5605)
It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read un ...
Mozilla Network Security Services (NSS) before 3152 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure ...