Andrew Tinits reported a potentially exploitable buffer overflow in the
Mozilla Network Security Service library (nss) With a specially crafted
request a remote attacker could cause a denial of service or possibly
execute arbitrary code
For the oldstable distribution (squeeze), this problem has been fixed in
version 3128-1+squeeze7
For the sta ...
Synopsis
Important: nss security update
Type/Severity
Security Advisory: Important
Topic
Updated nss packages that fix one security issue are now available for RedHat Enterprise Linux 53 Long Life, and Red Hat Enterprise Linux 56 and59 Extended Update SupportThe Red Hat Security Response Team has rated ...
Synopsis
Important: nss, nspr, and nss-util security update
Type/Severity
Security Advisory: Important
Topic
Updated nss, nspr, and nss-util packages that fix multiple security issuesare now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant ...
Synopsis
Important: rhev-hypervisor6 security update
Type/Severity
Security Advisory: Important
Topic
An updated rhev-hypervisor6 package that fixes multiple security issues isnow availableThe Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulnerability Scor ...
Synopsis
Important: nss security update
Type/Severity
Security Advisory: Important
Topic
Updated nss packages that fix one security issue are now available for RedHat Enterprise Linux 62, 63, and 64 Extended Update SupportThe Red Hat Security Response Team has rated this update as havingimportant securi ...
Synopsis
Important: nss and nspr security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
Updated nss and nspr packages that fix multiple security issues, severalbugs, and add various enhancements are now available for Red Hat EnterpriseLinux 5The Red Hat Security Response ...
Several security issues were fixed in NSS ...
Several security issues were fixed in Thunderbird ...
Several security issues were fixed in Firefox ...
A flaw was found in the way NSS handled invalid handshake packets A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-5605)
It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read un ...
A flaw was found in the way NSS handled invalid handshake packets A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-5605)
It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read un ...
Mozilla Foundation Security Advisory 2013-103
Miscellaneous Network Security Services (NSS) vulnerabilities
Announced
November 15, 2013
Impact
Critical
Products
Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
Fixed in
...