Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2016-1950

Опубликовано: 13 мар. 2016
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 8.8

Описание

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

РелизСтатусПримечание
devel

not-affected

45.0+build2-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [45.0+build2-0ubuntu0.14.04.1]]
precise

released

45.0+build2-0ubuntu0.12.04.1
precise/esm

DNE

precise was released [45.0+build2-0ubuntu0.12.04.1]
trusty

released

45.0+build2-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [45.0+build2-0ubuntu0.14.04.1]
upstream

released

45.0
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

released

45.0+build2-0ubuntu0.15.10.1

Показывать по

РелизСтатусПримечание
devel

released

2:3.21-1ubuntu4
esm-infra-legacy/trusty

not-affected

2:3.21-0ubuntu0.14.04.2
esm-infra/xenial

not-affected

2:3.21-1ubuntu4
precise

released

2:3.21-0ubuntu0.12.04.3
precise/esm

not-affected

2:3.21-0ubuntu0.12.04.3
trusty

released

2:3.21-0ubuntu0.14.04.2
trusty/esm

not-affected

2:3.21-0ubuntu0.14.04.2
upstream

released

3.21.1
vivid/stable-phone-overlay

ignored

end of life
vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
devel

released

1:38.8.0+build1-0ubuntu1
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1:38.7.2+build1-0ubuntu0.14.04.1]]
precise

released

1:38.7.2+build1-0ubuntu0.12.04.1
precise/esm

DNE

precise was released [1:38.7.2+build1-0ubuntu0.12.04.1]
trusty

released

1:38.7.2+build1-0ubuntu0.14.04.1
trusty/esm

DNE

trusty was released [1:38.7.2+build1-0ubuntu0.14.04.1]
upstream

released

38.7
vivid/stable-phone-overlay

DNE

vivid/ubuntu-core

DNE

wily

released

1:38.7.2+build1-0ubuntu0.15.10.1

Показывать по

Ссылки на источники

EPSS

Процентиль: 82%
0.01752
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2016-1950

redhat
больше 9 лет назад

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

nvd логотип

CVE-2016-1950

CVSS3: 8.8
nvd
больше 9 лет назад

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

debian логотип

CVE-2016-1950

CVSS3: 8.8
debian
больше 9 лет назад

Heap-based buffer overflow in Mozilla Network Security Services (NSS) ...

github логотип

GHSA-8cv9-944x-284m

CVSS3: 8.8
github
больше 3 лет назад

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

oracle-oval логотип

ELSA-2016-0371

oracle-oval
больше 9 лет назад

ELSA-2016-0371: nss security update (CRITICAL)

EPSS

Процентиль: 82%
0.01752
Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3