[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-0791Date: (C)2013-04-03   (M)2024-03-27


The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-58826
IAVM:2013-A-0068
RHSA-2013:1135
RHSA-2013:1144
SUSE-SU-2013:0645
SUSE-SU-2013:0850
USN-1791-1
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
http://www.mozilla.org/security/announce/2013/mfsa2013-40.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
https://bugzilla.mozilla.org/show_bug.cgi?id=629816
openSUSE-SU-2013:0630
openSUSE-SU-2013:0631
oval:org.mitre.oval:def:17150

CPE    154
cpe:/a:mozilla:seamonkey:2.11:beta3
cpe:/a:mozilla:seamonkey:2.11:beta2
cpe:/a:mozilla:seamonkey:2.11:beta5
cpe:/a:mozilla:seamonkey:2.11:beta4
...
CWE    1
CWE-119
OVAL    17
oval:org.secpod.oval:def:701252
oval:org.secpod.oval:def:1600325
oval:org.secpod.oval:def:501086
oval:org.secpod.oval:def:1500200
...

© SecPod Technologies