The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) prior to 3.21, as used in Mozilla Firefox prior to 44.0, improperly divides numbers, which might make it easier for remote malicious users to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 13.1 |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.2 |
||
mozilla nss |
||
mozilla firefox |