CVE-2016-1950

Published: 13/03/2016 | Updated: 27/12/2019
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3, and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

Vulnerable Product

mozilla network_security_services 3.21

mozilla network_security_services 3.19.2

mozilla network_security_services 3.20

mozilla network_security_services 3.20.1

mozilla firefox

mozilla firefox_esr 38.6.1

mozilla firefox_esr 38.1.1

mozilla firefox_esr 38.1.0

mozilla firefox_esr 38.2.1

mozilla firefox_esr 38.2.0

mozilla firefox_esr 38.6.0

mozilla firefox_esr 38.5.1

mozilla firefox_esr 38.0.5

mozilla firefox_esr 38.0.1

mozilla firefox_esr 38.5.0

mozilla firefox_esr 38.4.0

mozilla firefox_esr 38.3.0

mozilla firefox_esr 38.0

oracle linux 5.0

oracle vm server 3.2

oracle linux 7

oracle linux 6

apple iphone os

apple watchos

apple mac os x

apple tvos

oracle iplanet web proxy server 4.0

oracle iplanet web server 7.0

oracle glassfish server 2.1.1

opensuse opensuse 13.1

Vendor Advisories

A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to create a specially crafted certificate which, when parsed by NSS, could cause it to crash, or execute arbitrary code, using the permissions of the user running an application compiled against the NSS library ...
NSS could be made to crash or run programs if it received specially crafted input ...
Firefox could be made to crash or run programs as your login if it opened a malicious website ...
USN-2917-1 introduced several regressions in Firefox ...
Several security issues were fixed in Thunderbird ...
USN-2917-1 introduced several regressions in Firefox ...
Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail client: Multiple memory safety errors, integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service. For the oldstable distribution (wheezy), these problems have been fixed in ...
Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, denial of service, address bar spoofing and overwriting local files. For the oldstable distribution ...
Several vulnerabilities were discovered in NSS, the cryptography library developed by the Mozilla project. CVE-2015-4000: David Adrian et al. reported that it may be feasible to attack Diffie-Hellman-based cipher suites in certain circumstances, compromising the confidentiality and integrity of data encrypted with Transport Layer Se ...
Mozilla Foundation Security Advisory 2016-35: Buffer overflow during ASN.1 decoding in NSS. Announced: March 8, 2016. Reporter: Francis Gabriel. Impact: Critical. Products: Firefox, Firefox ESR, NSS, Thunderbird. Fixed in ...

References

CWE-119
http://www.mozilla.org/security/announce/2016/mfsa2016-35.html
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
https://bugzilla.mozilla.org/show_bug.cgi?id=1245528
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes
https://support.apple.com/HT206166
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
https://support.apple.com/HT206169
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
https://support.apple.com/HT206168
https://support.apple.com/HT206167
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.securityfocus.com/bid/84223
https://security.gentoo.org/glsa/201605-06
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
https://bto.bluecoat.com/security-advisory/sa119
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
http://www.debian.org/security/2016/dsa-3510
http://www.ubuntu.com/usn/USN-2917-2
http://www.securitytracker.com/id/1035215
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
http://www.ubuntu.com/usn/USN-2934-1
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
http://www.ubuntu.com/usn/USN-2917-1
http://www.ubuntu.com/usn/USN-2924-1
http://www.debian.org/security/2016/dsa-3520
http://www.ubuntu.com/usn/USN-2917-3
http://rhn.redhat.com/errata/RHSA-2016-0495.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.debian.org/security/2016/dsa-3688
https://nvd.nist.gov
https://alas.aws.amazon.com/ALAS-2016-667.html
https://usn.ubuntu.com/2924-1/