Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3 and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla network_security_services 3.21 |
||
mozilla network_security_services 3.19.2 |
||
mozilla network_security_services 3.20 |
||
mozilla network_security_services 3.20.1 |
||
mozilla firefox |
||
mozilla firefox_esr 38.6.1 |
||
mozilla firefox_esr 38.1.1 |
||
mozilla firefox_esr 38.1.0 |
||
mozilla firefox_esr 38.2.1 |
||
mozilla firefox_esr 38.2.0 |
||
mozilla firefox_esr 38.6.0 |
||
mozilla firefox_esr 38.5.1 |
||
mozilla firefox_esr 38.0.5 |
||
mozilla firefox_esr 38.0.1 |
||
mozilla firefox_esr 38.5.0 |
||
mozilla firefox_esr 38.4.0 |
||
mozilla firefox_esr 38.3.0 |
||
mozilla firefox_esr 38.0 |
||
oracle linux 5.0 |
||
oracle vm server 3.2 |
||
oracle linux 7 |
||
oracle linux 6 |
||
apple iphone os |
||
apple watchos |
||
apple mac os x |
||
apple tvos |
||
oracle iplanet web proxy server 4.0 |
||
oracle iplanet web server 7.0 |
||
oracle glassfish server 2.1.1 |
||
opensuse opensuse 13.1 |