Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2013-1741

Published: 18/11/2013 Updated: 09/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Network Security Services

Vulnerability Summary

Integer overflow in Mozilla Network Security Services (NSS) 3.15 prior to 3.15.3 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via a large size value.

Vulnerable Product Search on Vulmon Subscribe to Product

mozilla network security services 3.15

mozilla network security services 3.15.1

mozilla network security services 3.15.2

Vendor Advisories

Debian CVElist Bug Report Logs: CVE-2013-1741 and CVE-2013-5606 in wheezy
Debian Bug report logs - #735105 CVE-2013-1741 and CVE-2013-5606 in wheezy Package: libnss3; Maintainer for libnss3 is Maintainers of Mozilla-related packages <team+pkg-mozilla@trackerdebianorg>; Source for libnss3 is src:nss (PTS, buildd, popcon) Reported by: Arne Wichmann <aw@linuxde> Date: Sun, 12 Jan 2014 18:5 ...
Red Hat: Important: nss, nspr, and nss-util security update
Synopsis Important: nss, nspr, and nss-util security update Type/Severity Security Advisory: Important Topic Updated nss, nspr, and nss-util packages that fix multiple security issuesare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant ...
Red Hat: Important: nss and nspr security, bug fix, and enhancement update
Synopsis Important: nss and nspr security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Updated nss and nspr packages that fix multiple security issues, severalbugs, and add various enhancements are now available for Red Hat EnterpriseLinux 5The Red Hat Security Response ...
Debian Security Advisories: DSA-2994-1 nss -- security update
Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library: CVE-2013-1741 Runaway memset in certificate parsing on 64-bit computers leading to a crash by attempting to write 4Gb of nulls CVE-2013-5606 Certificate validation with the verifylog mode did not return validation errors, but instead ...
Ubuntu Security Notice: nss vulnerabilities
Several security issues were fixed in NSS ...
Ubuntu Security Notice: thunderbird vulnerabilities
Several security issues were fixed in Thunderbird ...
Ubuntu Security Notice: firefox vulnerabilities
Several security issues were fixed in Firefox ...
Amazon Linux AMI: ALAS-2013-265
A flaw was found in the way NSS handled invalid handshake packets A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-5605) It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read un ...
Amazon Linux AMI: ALAS-2013-266
A flaw was found in the way NSS handled invalid handshake packets A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-5605) It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read un ...
Mozilla: Miscellaneous Network Security Services (NSS) vulnerabilities
Mozilla Foundation Security Advisory 2013-103 Miscellaneous Network Security Services (NSS) vulnerabilities Announced November 15, 2013 Impact Critical Products Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR Fixed in ...

References

CWE-189https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_noteshttps://bugzilla.mozilla.org/show_bug.cgi?id=925100http://www.mozilla.org/security/announce/2013/mfsa2013-103.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1791.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-12/msg00000.htmlhttp://lists.opensuse.org/opensuse-updates/2013-11/msg00080.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1829.htmlhttp://www.ubuntu.com/usn/USN-2030-1http://www.ubuntu.com/usn/USN-2031-1http://www.ubuntu.com/usn/USN-2032-1http://security.gentoo.org/glsa/glsa-201406-19.xmlhttp://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.htmlhttp://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttp://www.vmware.com/security/advisories/VMSA-2014-0012.htmlhttp://seclists.org/fulldisclosure/2014/Dec/23http://www.debian.org/security/2014/dsa-2994http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlhttp://support.apple.com/kb/HT204942http://lists.apple.com/archives/security-announce/2015/Jun/msg00001.htmlhttp://support.apple.com/kb/HT204941http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlhttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.htmlhttp://www.securityfocus.com/bid/63736https://security.gentoo.org/glsa/201504-01http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761http://www.securityfocus.com/archive/1/534161/100/0/threadedhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735105https://nvd.nist.govhttps://usn.ubuntu.com/2030-1/https://www.debian.org/security/./dsa-2994
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook