Heap-based buffer overflow in Mozilla Network Security Services (NSS) prior to 3.19.2.3 and 3.20.x and 3.21.x prior to 3.21.1, as used in Mozilla Firefox prior to 45.0 and Firefox ESR 38.x prior to 38.7, allows remote malicious users to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla network security services 3.19.2 |
||
mozilla network security services 3.20 |
||
mozilla network security services 3.20.1 |
||
mozilla network security services 3.21 |
||
mozilla firefox |
||
mozilla firefox esr 38.0 |
||
mozilla firefox esr 38.0.1 |
||
mozilla firefox esr 38.0.5 |
||
mozilla firefox esr 38.1.0 |
||
mozilla firefox esr 38.1.1 |
||
mozilla firefox esr 38.2.0 |
||
mozilla firefox esr 38.2.1 |
||
mozilla firefox esr 38.3.0 |
||
mozilla firefox esr 38.4.0 |
||
mozilla firefox esr 38.5.0 |
||
mozilla firefox esr 38.5.1 |
||
mozilla firefox esr 38.6.0 |
||
mozilla firefox esr 38.6.1 |
||
oracle linux 5.0 |
||
oracle vm server 3.2 |
||
oracle linux 6 |
||
oracle linux 7 |
||
apple watchos |
||
apple iphone os |
||
apple mac os x |
||
apple tvos |
||
oracle glassfish server 2.1.1 |
||
oracle iplanet web proxy server 4.0 |
||
oracle iplanet web server 7.0 |
||
opensuse opensuse 13.1 |