Published: 15/11/2019 Updated: 09/01/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

It exists that NSS incorrectly handled certain invalid Diffie-Hellman keys. A remote attacker could possibly use this flaw to cause NSS to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5285)

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla nss
debian debian linux 8.0
debian debian linux 9.0
debian debian linux 10.0
redhat enterprise linux 5.0
redhat enterprise linux 6.0
redhat enterprise linux 7.0
suse linux enterprise server 11
avaya aura application enablement services
avaya aura application enablement services 7.0
avaya aura application server 5300 3.0
avaya aura communication manager
avaya aura communication manager 7.0
avaya aura communication manager messagint 7.0
avaya breeze platform
avaya call management system 17.0
avaya call management system
avaya iq 5.2.x
avaya cs1000e_firmware
avaya cs1000m_firmware
avaya cs1000e\\/cs1000m_signaling_server_firmware
avaya aura conferencing 7.0
avaya aura conferencing 7.2
avaya aura conferencing 8.0
avaya aura experience portal
avaya ip office 8.1
avaya ip office 9.1
avaya ip office 10.0
avaya aura messaging 6.3
avaya aura messaging 6.3.3
avaya aura session manager
avaya aura session manager 7.0
avaya aura session manager 7.0.1
avaya aura system manager
avaya aura utility services
avaya meeting exchange 6.2
avaya message networking
avaya one-x client enablement services 6.2
avaya proactive contact
avaya session_border_controller_for_enterprise_firmware
avaya aura_system_platform_firmware

Synopsis Moderate: nss and nss-util security update Type/Severity Security Advisory: Moderate Topic An update for nss and nss-util is now available for Red Hat Enterprise Linux 5,Red Hat Enterprise Linux 6, and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security im ...

Several security issues were fixed in NSS ...

CVE-2016-2834 nss: Multiple security flaws (MFSA 2016-61)Multiple buffer handling flaws were found in the way NSS handled cryptographic data from the network A remote attacker could use these flaws to crash an application using NSS or, possibly, execute arbitrary code with the permission of the user running the application CVE-2016-8635 nss: smal ...

Impact: Moderate Public Date: 2016-11-16 Bugzilla: 1383883: CVE-2016-5285 nss: Missing NULL check in PK1 ...

CWE-476 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html http://rhn.redhat.com/errata/RHSA-2016-2779.html http://www.ubuntu.com/usn/USN-3163-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1306103 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html https://bto.bluecoat.com/security-advisory/sa137 http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html https://security.gentoo.org/glsa/201701-46 http://www.securityfocus.com/bid/94349 https://access.redhat.com/errata/RHSA-2016:2779 https://usn.ubuntu.com/3163-1/https://nvd.nist.gov

CVE-2016-5285

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect