CVE-2013-5605

Published: 18/11/2013 Updated: 09/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Mozilla Network Security Services (NSS) 3.14 prior to 3.14.5 and 3.15 prior to 3.15.3 allows remote malicious users to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.

Vulnerable Product

mozilla network security services 3.14

mozilla network security services 3.14.4

mozilla network security services 3.15

mozilla network security services 3.15.1

mozilla network security services 3.15.2

mozilla network security services 3.14.3

mozilla network security services 3.14.2

mozilla network security services 3.14.1

Vendor Advisories

Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code. For the oldstable distribution (squeeze), this problem has been fixed in version 3128-1+squeeze7. For the sta ...
Synopsis: Important: nss security update. Type/Severity: Security Advisory: Important. Topic: Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 53 Long Life, and Red Hat Enterprise Linux 56 and 59 Extended Update Support. The Red Hat Security Response Team has rated ...
Synopsis: Important: nss, nspr, and nss-util security update. Type/Severity: Security Advisory: Important. Topic: Updated nss, nspr, and nss-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important ...
Synopsis: Important: rhev-hypervisor6 security update. Type/Severity: Security Advisory: Important. Topic: An updated rhev-hypervisor6 package that fixes multiple security issues is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scor ...
Synopsis: Important: nss security update. Type/Severity: Security Advisory: Important. Topic: Updated nss packages that fix one security issue are now available for Red Hat Enterprise Linux 62, 63, and 64 Extended Update Support. The Red Hat Security Response Team has rated this update as having important securi ...
Synopsis: Important: nss and nspr security, bug fix, and enhancement update. Type/Severity: Security Advisory: Important. Topic: Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response ...
Several security issues were fixed in NSS ...
Several security issues were fixed in Thunderbird ...
Several security issues were fixed in Firefox ...
A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-5605). It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read un ...
Mozilla Foundation Security Advisory 2013-103: Miscellaneous Network Security Services (NSS) vulnerabilities. Announced: November 15, 2013. Impact: Critical. Products: Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR. Fixed in ...

References

CWE-20
https://bugzilla.mozilla.org/show_bug.cgi?id=934016
https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
https://developer.mozilla.org/docs/NSS/NSS_3.14.5_release_notes
http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
http://www.debian.org/security/2013/dsa-2800
http://lists.opensuse.org/opensuse-updates/2013-11/msg00078.html
http://rhn.redhat.com/errata/RHSA-2013-1840.html
http://rhn.redhat.com/errata/RHSA-2013-1841.html
http://www.securityfocus.com/bid/63738
http://rhn.redhat.com/errata/RHSA-2013-1791.html
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00000.html
http://lists.opensuse.org/opensuse-updates/2013-11/msg00080.html
http://rhn.redhat.com/errata/RHSA-2013-1829.html
http://www.ubuntu.com/usn/USN-2030-1
http://www.ubuntu.com/usn/USN-2031-1
http://www.ubuntu.com/usn/USN-2032-1
http://rhn.redhat.com/errata/RHSA-2014-0041.html
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://security.gentoo.org/glsa/glsa-201406-19.xml
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
https://security.gentoo.org/glsa/201504-01
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
https://nvd.nist.gov
https://www.debian.org/security/./dsa-2800
https://usn.ubuntu.com/2030-1/