ID CVE-2013-1739
Summary Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
Vulnerable Configurations
  • Mozilla Network Security Services 3.12
    cpe:2.3:a:mozilla:network_security_services:3.12
  • Mozilla Network Security Services 3.12.1
    cpe:2.3:a:mozilla:network_security_services:3.12.1
  • Mozilla Network Security Services 3.12.2
    cpe:2.3:a:mozilla:network_security_services:3.12.2
  • Mozilla Network Security Services 3.12.3
    cpe:2.3:a:mozilla:network_security_services:3.12.3
  • Mozilla Network Security Services 3.12.3.1
    cpe:2.3:a:mozilla:network_security_services:3.12.3.1
  • Mozilla Network Security Services 3.12.3.2
    cpe:2.3:a:mozilla:network_security_services:3.12.3.2
  • Mozilla Network Security Services 3.12.4
    cpe:2.3:a:mozilla:network_security_services:3.12.4
  • Mozilla Network Security Services 3.12.5
    cpe:2.3:a:mozilla:network_security_services:3.12.5
  • Mozilla Network Security Services 3.12.6
    cpe:2.3:a:mozilla:network_security_services:3.12.6
  • Mozilla Network Security Services 3.12.7
    cpe:2.3:a:mozilla:network_security_services:3.12.7
  • Mozilla Network Security Services 3.12.8
    cpe:2.3:a:mozilla:network_security_services:3.12.8
  • Mozilla Network Security Services 3.12.9
    cpe:2.3:a:mozilla:network_security_services:3.12.9
  • Mozilla Network Security Services 3.12.10
    cpe:2.3:a:mozilla:network_security_services:3.12.10
  • Mozilla Network Security Services 3.12.11
    cpe:2.3:a:mozilla:network_security_services:3.12.11
  • Mozilla Network Security Services 3.14
    cpe:2.3:a:mozilla:network_security_services:3.14
  • Mozilla Network Security Services 3.14.1
    cpe:2.3:a:mozilla:network_security_services:3.14.1
  • Mozilla Network Security Services 3.14.2
    cpe:2.3:a:mozilla:network_security_services:3.14.2
  • Mozilla Network Security Services 3.14.3
    cpe:2.3:a:mozilla:network_security_services:3.14.3
  • Mozilla Network Security Services 3.15
    cpe:2.3:a:mozilla:network_security_services:3.15
  • Mozilla Network Security Services 3.15.1
    cpe:2.3:a:mozilla:network_security_services:3.15.1
CVSS
Base: 5.0 (as of 22-10-2013 - 23:04)
Impact:
Exploitability:
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: NONE
  • Integrity: NONE
  • Availability: PARTIAL
nessus via4
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_THUNDERBIRD_24_1.NASL
    description The installed version of Thunderbird is earlier than 24.1 and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Arbitrary HTML content can be put into 'select' elements. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-14
    plugin id 70713
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70713
    title Thunderbird < 24.1 Multiple Vulnerabilities (Mac OS X)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2013-749.NASL
    description Mozilla NSS was updated to 3.15.2 (bnc#842979) - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add PK11_CipherFinal macro - sizeof() used incorrectly - nssutil_ReadSecmodDB() leaks memory - Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished. - Deprecate the SSL cipher policy code - Avoid uninitialized data read in the event of a decryption failure. (CVE-2013-1739)
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 75161
    published 2014-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=75161
    title openSUSE Security Update : mozilla-nss (openSUSE-SU-2013:1539-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_MOZILLA-NSS-201310-131030.NASL
    description Mozilla NSS has been updated to 3.15.2 (bnc#847708) bringing various features and bugfixes : The main feature is TLS 1.2 support and its dependent algorithms. - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add PK11_CipherFinal macro - sizeof() used incorrectly - nssutil_ReadSecmodDB() leaks memory - Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished. - Deprecate the SSL cipher policy code - Avoid uninitialized data read in the event of a decryption failure. (CVE-2013-1739) Changes coming with version 3.15.1 : - TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246 and RFC 5289) are supported, allowing TLS to be used without MD5 and SHA-1. Note the following limitations: The hash function used in the signature for TLS 1.2 client authentication must be the hash function of the TLS 1.2 PRF, which is always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet supported. - some bugfixes and improvements Changes with version 3.15 - New Functionality - Support for OCSP Stapling (RFC 6066, Certificate Status Request) has been added for both client and server sockets. TLS client applications may enable this via a call to SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE); - Added function SECITEM_ReallocItemV2. It replaces function SECITEM_ReallocItem, which is now declared as obsolete. - Support for single-operation (eg: not multi-part) symmetric key encryption and decryption, via PK11_Encrypt and PK11_Decrypt. - certutil has been updated to support creating name constraints extensions.
    last seen 2019-01-16
    modified 2013-11-18
    plugin id 70938
    published 2013-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70938
    title SuSE 11.2 / 11.3 Security Update : Mozilla NSS (SAT Patch Numbers 8484 / 8485)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-257.NASL
    description A vulnerability has been discovered and corrected in mozilla NSS : Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure (CVE-2013-1739). The updated mozilla NSS and NSPR packages have been upgraded to the latest versions where the CVE-2013-1739 flaw has been fixed in NSS. The rootcerts packages have been upgraded providing the latest root CA certs from mozilla as of 2013/04/11. The sqlite3 packages for mes5 have been upgraded to the 3.7.17 version to satisfy the requirements for a future upcoming Firefox 24 ESR advisory.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 70573
    published 2013-10-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70573
    title Mandriva Linux Security Advisory : nss (MDVSA-2013:257)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2010-1.NASL
    description Multiple memory safety issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-1739, CVE-2013-5590, CVE-2013-5591) Jordi Chancel discovered that HTML select elements could display arbitrary content. If a user had scripting enabled, an attacker could potentially exploit this to conduct URL spoofing or clickjacking attacks. (CVE-2013-5593) Abhishek Arya discovered a crash when processing XSLT data in some circumstances. If a user had scripting enabled, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5604) Dan Gohman discovered a flaw in the JavaScript engine. If a user had enabled scripting, when combined with other vulnerabilities an attacker could possibly exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5595) Ezra Pool discovered a crash on extremely large pages. If a user had scripting enabled, an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5596) Byoungyoung Lee discovered a use-after-free when updating the offline cache. If a user had scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5597) Multiple use-after-free flaws were discovered in Thunderbird. If a user had scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5599, CVE-2013-5600, CVE-2013-5601) A memory corruption flaw was discovered in the JavaScript engine when using workers with direct proxies. If a user had scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5602) Abhishek Arya discovered a use-after-free when interacting with HTML document templates. If a user had scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (CVE-2013-5603). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 70725
    published 2013-11-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70725
    title Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : thunderbird vulnerabilities (USN-2010-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_MOZILLA-NSS-201310-131029.NASL
    description Mozilla NSS has been updated to 3.15.2 (bnc#847708) bringing various features and bugfixes : The main feature is TLS 1.2 support and its dependent algorithms. - Support for AES-GCM ciphersuites that use the SHA-256 PRF - MD2, MD4, and MD5 signatures are no longer accepted for OCSP or CRLs - Add PK11_CipherFinal macro - sizeof() used incorrectly - nssutil_ReadSecmodDB() leaks memory - Allow SSL_HandshakeNegotiatedExtension to be called before the handshake is finished. - Deprecate the SSL cipher policy code - Avoid uninitialized data read in the event of a decryption failure. (CVE-2013-1739) Changes coming with version 3.15.1 : - TLS 1.2 (RFC 5246) is supported. HMAC-SHA256 cipher suites (RFC 5246 and RFC 5289) are supported, allowing TLS to be used without MD5 and SHA-1. Note the following limitations: The hash function used in the signature for TLS 1.2 client authentication must be the hash function of the TLS 1.2 PRF, which is always SHA-256 in NSS 3.15.1. AES GCM cipher suites are not yet supported. - some bugfixes and improvements Changes with version 3.15 - New Functionality - Support for OCSP Stapling (RFC 6066, Certificate Status Request) has been added for both client and server sockets. TLS client applications may enable this via a call to SSL_OptionSetDefault(SSL_ENABLE_OCSP_STAPLING, PR_TRUE); - Added function SECITEM_ReallocItemV2. It replaces function SECITEM_ReallocItem, which is now declared as obsolete. - Support for single-operation (eg: not multi-part) symmetric key encryption and decryption, via PK11_Encrypt and PK11_Decrypt. - certutil has been updated to support creating name constraints extensions.
    last seen 2019-01-16
    modified 2013-11-18
    plugin id 70937
    published 2013-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70937
    title SuSE 11.2 Security Update : Mozilla NSS (SAT Patch Number 8484)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-2790.NASL
    description A flaw was found in the way the Mozilla Network Security Service library (nss) read uninitialized data when there was a decryption failure. A remote attacker could use this flaw to cause a denial of service (application crash) for applications linked with the nss library. The oldstable distribution (squeeze) is not affected by this problem.
    last seen 2019-01-16
    modified 2018-12-18
    plugin id 70737
    published 2013-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70737
    title Debian DSA-2790-1 : nss - uninitialized memory read
  • NASL family Windows
    NASL id SEAMONKEY_222.NASL
    description The installed version of SeaMonkey is earlier than 2.22 and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Arbitrary HTML content can be put into 'select' elements. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-27
    plugin id 70719
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70719
    title SeaMonkey < 2.22 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_THUNDERBIRD_17_0_10_ESR.NASL
    description The installed version of Thunderbird ESR is prior to 17.0.10 and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-14
    plugin id 70712
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70712
    title Thunderbird ESR < 17.0.10 Multiple Vulnerabilities (Mac OS X)
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_24_1.NASL
    description The installed version of Thunderbird is earlier than 24.1 and is, therefore, potentially affected by the following vulnerabilities: - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Arbitrary HTML content can be put into 'select' elements. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 70718
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70718
    title Mozilla Thunderbird < 24.1 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_FIREFOX-201310-131108.NASL
    description Mozilla Firefox was updated to the 17.0.10ESR release, fixing various bugs and security issues : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2013-93) Jesse Ruderman and Christoph Diehl reported memory safety problems and crashes that affect Firefox ESR 17, Firefox ESR 24, and Firefox 24. (CVE-2013-5590) Carsten Book reported a crash fixed in the NSS library used by Mozilla-based products fixed in Firefox 25, Firefox ESR 24.1, and Firefox ESR 17.0.10. (CVE-2013-1739) - Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an access violation due to uninitialized data during Extensible Stylesheet Language Transformation (XSLT) processing. This leads to a potentially exploitable crash. (MFSA 2013-95 / CVE-2013-5604) - Compiler Engineer Dan Gohman of Google discovered a flaw in the JavaScript engine where memory was being incorrectly allocated for some functions and the calls for allocations were not always properly checked for overflow, leading to potential buffer overflows. When combined with other vulnerabilities, these flaws could be potentially exploitable. (MFSA 2013-96 / CVE-2013-5595) - Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash. (MFSA 2013-98 / CVE-2013-5597) - Security researcher Nils used the Address Sanitizer tool while fuzzing to discover missing strong references in browsing engine leading to use-after-frees. This can lead to a potentially exploitable crash. (MFSA 2013-100) - ASAN heap-use-after-free in nsIPresShell::GetPresContext() with canvas, onresize and mozTextStyle. (CVE-2013-5599) - ASAN use-after-free in nsIOService::NewChannelFromURIWithProxyFlags with Blob URL. (CVE-2013-5600) - ASAN use-after-free in GC allocation in nsEventListenerManager::SetEventHandler (CVE-2013-5601) MFSA 2013-101 / CVE-2013-5602: Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash.
    last seen 2019-01-16
    modified 2013-11-24
    plugin id 70934
    published 2013-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70934
    title SuSE 11.2 Security Update : MozillaFirefox (SAT Patch Number 8545)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_81F866AD41A411E3A4AF0025905A4771.NASL
    description The Mozilla Project reports : MFSA 2013-93 Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10) MFSA 2013-94 Spoofing addressbar though SELECT element MFSA 2013-95 Access violation with XSLT and uninitialized data MFSA 2013-96 Improperly initialized memory and overflows in some JavaScript functions MFSA 2013-97 Writing to cycle collected object during image decoding MFSA 2013-98 Use-after-free when updating offline cache MFSA 2013-99 Security bypass of PDF.js checks using iframes MFSA 2013-100 Miscellaneous use-after-free issues found through ASAN fuzzing MFSA 2013-101 Memory corruption in workers MFSA 2013-102 Use-after-free in HTML document templates
    last seen 2019-01-16
    modified 2018-11-21
    plugin id 70701
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70701
    title FreeBSD : mozilla -- multiple vulnerabilities (81f866ad-41a4-11e3-a4af-0025905a4771)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FIREFOX_25.NASL
    description The installed version of Firefox is earlier than 25.0 and is, therefore, potentially affected by multiple vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Arbitrary HTML content can be put into 'select' elements. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - Improper handling of the 'IFRAME' element in PDF.js could result in reading arbitrary files and arbitrary JavaScript code execution. (CVE-2013-5598) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-14
    plugin id 70711
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70711
    title Firefox < 25.0 Multiple Vulnerabilities (Mac OS X)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FIREFOX_17_0_10_ESR.NASL
    description The installed version of Firefox ESR is earlier than 17.0.10 and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-14
    plugin id 70709
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70709
    title Firefox ESR < 17.0.10 Multiple Vulnerabilities (Mac OS X)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-265.NASL
    description A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606)
    last seen 2019-01-16
    modified 2018-04-18
    plugin id 71577
    published 2013-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71577
    title Amazon Linux AMI : nss (ALAS-2013-265)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_FIREFOX-201310-131101.NASL
    description Mozilla Firefox has been updated to the 17.0.10ESR release, which fixes various bugs and security issues : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2013-93) Jesse Ruderman and Christoph Diehl reported memory safety problems and crashes that affect Firefox ESR 17, Firefox ESR 24, and Firefox 24. (CVE-2013-5590) Carsten Book reported a crash fixed in the NSS library used by Mozilla-based products fixed in Firefox 25, Firefox ESR 24.1, and Firefox ESR 17.0.10. (CVE-2013-1739) - Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an access violation due to uninitialized data during Extensible Stylesheet Language Transformation (XSLT) processing. This leads to a potentially exploitable crash. (MFSA 2013-95 / CVE-2013-5604) - Compiler Engineer Dan Gohman of Google discovered a flaw in the JavaScript engine where memory was being incorrectly allocated for some functions and the calls for allocations were not always properly checked for overflow, leading to potential buffer overflows. When combined with other vulnerabilities, these flaws could be potentially exploitable. (MFSA 2013-96 / CVE-2013-5595) - Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash. (MFSA 2013-98 / CVE-2013-5597) - Security researcher Nils used the Address Sanitizer tool while fuzzing to discover missing strong references in browsing engine leading to use-after-frees. This can lead to a potentially exploitable crash. (MFSA 2013-100) - ASAN heap-use-after-free in nsIPresShell::GetPresContext() with canvas, onresize and mozTextStyle. (CVE-2013-5599) - ASAN use-after-free in nsIOService::NewChannelFromURIWithProxyFlags with Blob URL. (CVE-2013-5600) - ASAN use-after-free in GC allocation in nsEventListenerManager::SetEventHandler. (CVE-2013-5601) - Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash. (MFSA 2013-101 / CVE-2013-5602)
    last seen 2019-01-16
    modified 2013-11-24
    plugin id 70933
    published 2013-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70933
    title SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 8491)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20131205_NSS_AND_NSPR_ON_SL5_X.NASL
    description A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via SLSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) In addition, the nss package has been upgraded to upstream version 3.15.3, and the nspr package has been upgraded to upstream version 4.10.2. These updates provide a number of bug fixes and enhancements over the previous versions. This update also fixes the following bug : - The SLBA-2013:1318 update introduced a regression that prevented the use of certificates that have an MD5 signature. This update fixes this regression and certificates that have an MD5 signature are once again supported. To prevent the use of certificates that have an MD5 signature, set the 'NSS_HASH_ALG_SUPPORT' environment variable to '-MD5'. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-12-31
    plugin id 71306
    published 2013-12-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71306
    title Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_25.NASL
    description The installed version of Firefox is earlier than 25.0 and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Arbitrary HTML content can be put into 'select' elements. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - Improper handling of the 'IFRAME' element in PDF.js could result in reading arbitrary files and arbitrary JavaScript code execution. (CVE-2013-5598) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 70716
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70716
    title Firefox < 25.0 Multiple Vulnerabilities
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_FIREFOX_24_1_ESR.NASL
    description The installed version of Firefox ESR 24.x is earlier than 24.1 and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Arbitrary HTML content can be put into 'select' elements. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - Improper handling of the 'IFRAME' element in PDF.js could result in reading arbitrary files and arbitrary JavaScript code execution. (CVE-2013-5598) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-14
    plugin id 70710
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70710
    title Firefox ESR 24.x < 24.1 Multiple Vulnerabilities (Mac OS X)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1791.NASL
    description Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) Red Hat would like to thank the Mozilla project for reporting CVE-2013-1741, CVE-2013-5606, and CVE-2013-5607. 
Upstream acknowledges Tavis Ormandy as the original reporter of CVE-2013-1741, Camilo Viecco as the original reporter of CVE-2013-5606, and Pascal Cuoq, Kamil Dudka, and Wan-Teh Chang as the original reporters of CVE-2013-5607. In addition, the nss package has been upgraded to upstream version 3.15.3, and the nspr package has been upgraded to upstream version 4.10.2. These updates provide a number of bug fixes and enhancements over the previous versions. (BZ#1033478, BZ#1020520) This update also fixes the following bug : * The RHBA-2013:1318 update introduced a regression that prevented the use of certificates that have an MD5 signature. This update fixes this regression and certificates that have an MD5 signature are once again supported. To prevent the use of certificates that have an MD5 signature, set the 'NSS_HASH_ALG_SUPPORT' environment variable to '-MD5'. (BZ#1033499) Users of NSS and NSPR are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-26
    plugin id 71243
    published 2013-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71243
    title RHEL 5 : nss and nspr (RHSA-2013:1791)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1791.NASL
    description Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) Red Hat would like to thank the Mozilla project for reporting CVE-2013-1741, CVE-2013-5606, and CVE-2013-5607. 
Upstream acknowledges Tavis Ormandy as the original reporter of CVE-2013-1741, Camilo Viecco as the original reporter of CVE-2013-5606, and Pascal Cuoq, Kamil Dudka, and Wan-Teh Chang as the original reporters of CVE-2013-5607. In addition, the nss package has been upgraded to upstream version 3.15.3, and the nspr package has been upgraded to upstream version 4.10.2. These updates provide a number of bug fixes and enhancements over the previous versions. (BZ#1033478, BZ#1020520) This update also fixes the following bug : * The RHBA-2013:1318 update introduced a regression that prevented the use of certificates that have an MD5 signature. This update fixes this regression and certificates that have an MD5 signature are once again supported. To prevent the use of certificates that have an MD5 signature, set the 'NSS_HASH_ALG_SUPPORT' environment variable to '-MD5'. (BZ#1033499) Users of NSS and NSPR are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 71237
    published 2013-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71237
    title CentOS 5 : nspr / nss (CESA-2013:1791)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201406-19.NASL
    description The remote host is affected by the vulnerability described in GLSA-201406-19 (Mozilla Network Security Service: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in the Mozilla Network Security Service. Please review the CVE identifiers referenced below for more details about the vulnerabilities. Impact : A remote attacker can cause a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-01-16
    modified 2018-07-13
    plugin id 76178
    published 2014-06-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76178
    title GLSA-201406-19 : Mozilla Network Security Service: Multiple vulnerabilities
  • NASL family Web Servers
    NASL id GLASSFISH_CPU_JUL_2014.NASL
    description The version of GlassFish Server running on the remote host is affected by multiple vulnerabilities in the following components : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - The implementation of Network Security Services (NSS) does not properly handle the TLS False Start feature and could allow man-in-the-middle attacks. (CVE-2013-1740) - Network Security Services (NSS) contains an integer overflow flaw that allows remote attackers to cause a denial of service. (CVE-2013-1741) - An error exists in the 'Null_Cipher' function in the file 'ssl/ssl3con.c' related to handling invalid handshake packets that could allow arbitrary code execution. (CVE-2013-5605) - An error exists in the 'CERT_VerifyCert' function in the file 'lib/certhigh/certvfy.c' that could allow invalid certificates to be treated as valid. (CVE-2013-5606) - Oracle Mojarra contains a cross-site scripting vulnerability due to improperly sanitized user-supplied input. This allows an attacker to execute arbitrary script code within the context of the affected site. (CVE-2013-5855) - Network Security Services (NSS) contains a race condition in libssl that occurs during session ticket processing. A remote attacker can exploit this flaw to cause a denial of service. (CVE-2014-1490) - Network Security Services (NSS) does not properly restrict public values in Diffie-Hellman key exchanges, allowing a remote attacker to bypass cryptographic protection mechanisms. (CVE-2014-1491) - An issue exists in the Network Security Services (NSS) library due to improper handling of IDNA domain prefixes for wildcard certificates. This issue allows man-in-the-middle attacks. (CVE-2014-1492)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 76591
    published 2014-07-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76591
    title Oracle GlassFish Server Multiple Vulnerabilities (July 2014 CPU)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2013-1829.NASL
    description Updated nss, nspr, and nss-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) Red Hat would like to thank the Mozilla project for reporting CVE-2013-1741, CVE-2013-5606, and CVE-2013-5607. 
Upstream acknowledges Tavis Ormandy as the original reporter of CVE-2013-1741, Camilo Viecco as the original reporter of CVE-2013-5606, and Pascal Cuoq, Kamil Dudka, and Wan-Teh Chang as the original reporters of CVE-2013-5607. All NSS, NSPR, and nss-util users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 71380
    published 2013-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71380
    title CentOS 6 : nspr / nss / nss-util (CESA-2013:1829)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1829.NASL
    description From Red Hat Security Advisory 2013:1829 : Updated nss, nspr, and nss-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) Red Hat would like to thank the Mozilla project for reporting CVE-2013-1741, CVE-2013-5606, and CVE-2013-5607. 
Upstream acknowledges Tavis Ormandy as the original reporter of CVE-2013-1741, Camilo Viecco as the original reporter of CVE-2013-5606, and Pascal Cuoq, Kamil Dudka, and Wan-Teh Chang as the original reporters of CVE-2013-5607. All NSS, NSPR, and nss-util users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 71388
    published 2013-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71388
    title Oracle Linux 6 : nspr / nss / nss-util (ELSA-2013-1829)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2030-1.NASL
    description Multiple security issues were discovered in NSS. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. This update also adds TLS v1.2 support to Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.04. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 70962
    published 2013-11-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70962
    title Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : nss vulnerabilities (USN-2030-1)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2013-1791.NASL
    description From Red Hat Security Advisory 2013:1791 : Updated nss and nspr packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) Red Hat would like to thank the Mozilla project for reporting CVE-2013-1741, CVE-2013-5606, and CVE-2013-5607. 
Upstream acknowledges Tavis Ormandy as the original reporter of CVE-2013-1741, Camilo Viecco as the original reporter of CVE-2013-5606, and Pascal Cuoq, Kamil Dudka, and Wan-Teh Chang as the original reporters of CVE-2013-5607. In addition, the nss package has been upgraded to upstream version 3.15.3, and the nspr package has been upgraded to upstream version 4.10.2. These updates provide a number of bug fixes and enhancements over the previous versions. (BZ#1033478, BZ#1020520) This update also fixes the following bug : * The RHBA-2013:1318 update introduced a regression that prevented the use of certificates that have an MD5 signature. This update fixes this regression and certificates that have an MD5 signature are once again supported. To prevent the use of certificates that have an MD5 signature, set the 'NSS_HASH_ALG_SUPPORT' environment variable to '-MD5'. (BZ#1033499) Users of NSS and NSPR are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-07-18
    plugin id 71241
    published 2013-12-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71241
    title Oracle Linux 5 : nspr / nss (ELSA-2013-1791)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_FIREFOX-201310-131109.NASL
    description Mozilla Firefox was updated to the 17.0.10ESR release, fixing various bugs and security issues : - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. (MFSA 2013-93) Jesse Ruderman and Christoph Diehl reported memory safety problems and crashes that affect Firefox ESR 17, Firefox ESR 24, and Firefox 24. (CVE-2013-5590) Carsten Book reported a crash fixed in the NSS library used by Mozilla-based products fixed in Firefox 25, Firefox ESR 24.1, and Firefox ESR 17.0.10. (CVE-2013-1739) - Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover an access violation due to uninitialized data during Extensible Stylesheet Language Transformation (XSLT) processing. This leads to a potentially exploitable crash. (MFSA 2013-95 / CVE-2013-5604) - Compiler Engineer Dan Gohman of Google discovered a flaw in the JavaScript engine where memory was being incorrectly allocated for some functions and the calls for allocations were not always properly checked for overflow, leading to potential buffer overflows. When combined with other vulnerabilities, these flaws could be potentially exploitable. (MFSA 2013-96 / CVE-2013-5595) - Security researcher Byoungyoung Lee of Georgia Tech Information Security Center (GTISC) used the Address Sanitizer tool to discover a use-after-free during state change events while updating the offline cache. This leads to a potentially exploitable crash. (MFSA 2013-98 / CVE-2013-5597) - Security researcher Nils used the Address Sanitizer tool while fuzzing to discover missing strong references in browsing engine leading to use-after-frees. This can lead to a potentially exploitable crash. 
(MFSA 2013-100) - ASAN heap-use-after-free in nsIPresShell::GetPresContext() with canvas, onresize and mozTextStyle. (CVE-2013-5599) - ASAN use-after-free in nsIOService::NewChannelFromURIWithProxyFlags with Blob URL. (CVE-2013-5600) - ASAN use-after free in GC allocation in nsEventListenerManager::SetEventHandler (CVE-2013-5601) MFSA 2013-101 / CVE-2013-5602: Security researcher Nils used the Address Sanitizer tool while fuzzing to discover a memory corruption issue with the JavaScript engine when using workers with direct proxies. This results in a potentially exploitable crash.
    last seen 2019-01-16
    modified 2013-11-24
    plugin id 70935
    published 2013-11-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70935
    title SuSE 11.2 Security Update : MozillaFirefox (SAT Patch Number 8545)
  • NASL family Misc.
    NASL id ORACLE_TRAFFIC_DIRECTOR_JULY_2014_CPU.NASL
    description The remote host is running an unpatched version of Oracle Traffic Director that is affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - The implementation of Network Security Services (NSS) does not properly handle the TLS False Start feature and could allow man-in-the-middle attacks. (CVE-2013-1740) - NSS contains an integer overflow flaw that allows remote attackers to cause a denial of service. (CVE-2013-1741) - An error exists in the 'Null_Cipher' function in the file 'ssl/ssl3con.c' related to handling invalid handshake packets that could allow arbitrary code execution. (CVE-2013-5605) - An error exists in the 'CERT_VerifyCert' function in the file 'lib/certhigh/certvfy.c' that could allow invalid certificates to be treated as valid. (CVE-2013-5606) - Network Security Services (NSS) contains a race condition in libssl that occurs during session ticket processing. A remote attacker can exploit this flaw to cause a denial of service. (CVE-2014-1490) - Network Security Services (NSS) does not properly restrict public values in Diffie-Hellman key exchanges, allowing a remote attacker to bypass cryptographic protection mechanisms. (CVE-2014-1491) - An issue exists in the Network Security Services (NSS) library due to improper handling of IDNA domain prefixes for wildcard certificates. This issue could allow man-in-the-middle attacks. (CVE-2014-1492)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 76938
    published 2014-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76938
    title Oracle Traffic Director Multiple Vulnerabilities (July 2014 CPU)
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_24_1_ESR.NASL
    description The installed version of Firefox ESR 24.x is earlier than 24.1, and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Arbitrary HTML content can be put into 'select' elements. This can be used to spoof the displayed address bar, leading to clickjacking and other spoofing attacks. (CVE-2013-5593) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - A race condition exists during image collection on large web pages that could result in a denial of service or arbitrary code execution. (CVE-2013-5596) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5603) - Improper handling of the 'IFRAME' element in PDF.js could result in reading arbitrary files and arbitrary JavaScript code execution. (CVE-2013-5598) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 70715
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70715
    title Firefox ESR 24.x < 24.1 Multiple Vulnerabilities
  • NASL family Windows
    NASL id MOZILLA_FIREFOX_17010_ESR.NASL
    description The installed version of Firefox ESR is earlier than 17.0.10, and is, therefore, potentially affected by the following vulnerabilities : - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 70714
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70714
    title Firefox ESR < 17.0.10 Multiple Vulnerabilities
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20131212_NSS__NSPR__AND_NSS_UTIL_ON_SL6_X.NASL
    description A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via SLSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-12-31
    plugin id 71424
    published 2013-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71424
    title Scientific Linux Security Update : nss, nspr, and nss-util on SL6.x i386/x86_64
  • NASL family Web Servers
    NASL id SUN_JAVA_WEB_SERVER_7_0_20.NASL
    description According to its self-reported version, the Oracle iPlanet Web Server (formerly Sun Java System Web Server) running on the remote host is 7.0.x prior to 7.0.20. It is, therefore, affected by the following vulnerabilities in the Network Security Services (NSS): - The implementation of NSS does not ensure that data structures are initialized, which can result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - An error exists in the ssl_Do1stHandshake() function in file sslsecur.c due to unencrypted data being returned from PR_Recv when the TLS False Start feature is enabled. A man-in-the-middle attacker can exploit this, by using an arbitrary X.509 certificate, to spoof SSL servers during certain handshake traffic. (CVE-2013-1740) - An integer overflow condition exists related to handling input greater than half the maximum size of the 'PRUint32' value. A remote attacker can exploit this to cause a denial of service or possibly have other impact. (CVE-2013-1741) - An error exists in the Null_Cipher() function in the file ssl3con.c related to handling invalid handshake packets. A remote attacker, using a crafted request, can exploit this to execute arbitrary code. (CVE-2013-5605) - An error exists in the CERT_VerifyCert() function in the file certvfy.c when handling trusted certificates with incompatible key usages. A remote attacker, using a crafted request, can exploit this to have invalid certificates treated as valid. (CVE-2013-5606) - A race condition exists in libssl that occurs during session ticket processing. A remote attacker can exploit this to cause a denial of service. (CVE-2014-1490) - Network Security Services (NSS) does not properly restrict public values in Diffie-Hellman key exchanges, allowing a remote attacker to bypass cryptographic protection mechanisms. (CVE-2014-1491) - An issue exists in the Network Security Services (NSS) library due to improper handling of IDNA domain prefixes for wildcard certificates. A man-in-the-middle attacker, using a crafted certificate, can exploit this to spoof an SSL server. (CVE-2014-1492)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 76593
    published 2014-07-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76593
    title Oracle iPlanet Web Server 7.0.x < 7.0.20 Multiple Vulnerabilities
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2013-270.NASL
    description Multiple security issues were identified and fixed in Mozilla NSPR and NSS: Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure (CVE-2013-1739). Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value (CVE-2013-1741). The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext (CVE-2013-2566). Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets (CVE-2013-5605). The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate (CVE-2013-5606). Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741 (CVE-2013-5607). The NSPR packages have been upgraded to the 4.10.2 version and the NSS packages have been upgraded to the 3.15.3 version, which is unaffected by these security flaws. Additionally, the rootcerts packages have been upgraded with the latest certdata.txt file as of 2013/11/11 from Mozilla.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 70998
    published 2013-11-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70998
    title Mandriva Linux Security Advisory : nss (MDVSA-2013:270)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2009-1.NASL
    description Multiple memory safety issues were discovered in Firefox. If a user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-1739, CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) Jordi Chancel discovered that HTML select elements could display arbitrary content. An attacker could potentially exploit this to conduct URL spoofing or clickjacking attacks. (CVE-2013-5593) Abhishek Arya discovered a crash when processing XSLT data in some circumstances. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5604) Dan Gohman discovered a flaw in the JavaScript engine. When combined with other vulnerabilities, an attacker could possibly exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5595) Ezra Pool discovered a crash on extremely large pages. An attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5596) Byoungyoung Lee discovered a use-after-free when updating the offline cache. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5597) Cody Crews discovered a way to append an iframe into an embedded PDF object displayed with PDF.js. An attacker could potentially exploit this to read local files, leading to information disclosure. (CVE-2013-5598) Multiple use-after-free flaws were discovered in Firefox. An attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5599, CVE-2013-5600, CVE-2013-5601) A memory corruption flaw was discovered in the JavaScript engine when using workers with direct proxies. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5602) Abhishek Arya discovered a use-after-free when interacting with HTML document templates. An attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-5603). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-01-16
    modified 2018-12-01
    plugin id 70698
    published 2013-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70698
    title Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : firefox vulnerabilities (USN-2009-1)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2013-266.NASL
    description A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606)
    last seen 2019-01-16
    modified 2018-04-18
    plugin id 71578
    published 2013-12-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71578
    title Amazon Linux AMI : nspr (ALAS-2013-266)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1829.NASL
    description Updated nss, nspr, and nss-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. (CVE-2013-5605) It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash. (CVE-2013-1739) An integer overflow flaw was discovered in both NSS and NSPR's implementation of certification parsing on 64-bit systems. A remote attacker could use these flaws to cause an application using NSS or NSPR to crash. (CVE-2013-1741, CVE-2013-5607) It was discovered that NSS did not reject certificates with incompatible key usage constraints when validating them while the verifyLog feature was enabled. An application using the NSS certificate validation API could accept an invalid certificate. (CVE-2013-5606) Red Hat would like to thank the Mozilla project for reporting CVE-2013-1741, CVE-2013-5606, and CVE-2013-5607. Upstream acknowledges Tavis Ormandy as the original reporter of CVE-2013-1741, Camilo Viecco as the original reporter of CVE-2013-5606, and Pascal Cuoq, Kamil Dudka, and Wan-Teh Chang as the original reporters of CVE-2013-5607. All NSS, NSPR, and nss-util users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing this update, applications using NSS, NSPR, or nss-util must be restarted for this update to take effect.
    last seen 2019-01-16
    modified 2018-11-26
    plugin id 71390
    published 2013-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71390
    title RHEL 6 : nss, nspr, and nss-util (RHSA-2013:1829)
  • NASL family CGI abuses
    NASL id ORACLE_OPENSSO_AGENT_CPU_OCT_2014.NASL
    description The Oracle OpenSSO agent installed on the remote host is missing a vendor-supplied update. It is, therefore, affected by multiple vulnerabilities in the bundled Mozilla Network Security Services, the most serious of which can allow remote code execution.
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 78774
    published 2014-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=78774
    title Oracle OpenSSO Agent Multiple Vulnerabilities (October 2014 CPU)
  • NASL family Windows
    NASL id IPLANET_WEB_PROXY_4_0_24.NASL
    description The remote host has a version of Oracle iPlanet Web Proxy Server (formerly Sun Java System Web Proxy Server) 4.0 prior to 4.0.24. It is, therefore, affected by the following vulnerabilities: - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - The implementation of Network Security Services (NSS) does not properly handle the TLS False Start feature and could allow man-in-the-middle attacks. (CVE-2013-1740) - An error exists related to handling input greater than half the maximum size of the 'PRUint32' value. (CVE-2013-1741) - An error exists in the 'Null_Cipher' function in the file 'ssl/ssl3con.c' related to handling invalid handshake packets that could allow arbitrary code execution. (CVE-2013-5605) - An error exists in the 'CERT_VerifyCert' function in the file 'lib/certhigh/certvfy.c' that could allow invalid certificates to be treated as valid. (CVE-2013-5606) - Network Security Services (NSS) contains a race condition in libssl that occurs during session ticket processing. A remote attacker can exploit this flaw to cause a denial of service. (CVE-2014-1490) - Network Security Services (NSS) does not properly restrict public values in Diffie-Hellman key exchanges, allowing a remote attacker to bypass cryptographic protection mechanisms. (CVE-2014-1491) - An issue exists in the Network Security Services (NSS) library due to improper handling of IDNA domain prefixes for wildcard certificates. This issue could allow man-in-the-middle attacks. (CVE-2014-1492)
    last seen 2019-01-16
    modified 2018-11-15
    plugin id 76592
    published 2014-07-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=76592
    title Oracle iPlanet Web Proxy Server 4.0 < 4.0.24 Multiple Vulnerabilities
  • NASL family Windows
    NASL id MOZILLA_THUNDERBIRD_17010_ESR.NASL
    description The installed version of Thunderbird ESR is earlier than 17.0.10 and is, therefore, potentially affected by the following vulnerabilities: - The implementation of Network Security Services (NSS) does not ensure that data structures are initialized, which could result in a denial of service or disclosure of sensitive information. (CVE-2013-1739) - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5590, CVE-2013-5591, CVE-2013-5592) - Memory issues exist in the JavaScript engine that could result in a denial of service or arbitrary code execution. (CVE-2013-5595, CVE-2013-5602) - Multiple use-after-free vulnerabilities exist that could result in a denial of service or arbitrary code execution. (CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601) - A stack-based buffer overflow in txXPathNodeUtils::getBaseURI is possible due to uninitialized data during XSLT processing. (CVE-2013-5604)
    last seen 2019-01-16
    modified 2018-07-16
    plugin id 70717
    published 2013-10-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70717
    title Mozilla Thunderbird ESR < 17.0.10 Multiple Vulnerabilities
oval via4
accepted 2014-10-06T04:02:48.250-04:00
class vulnerability
contributors
  • name Maria Kedovskaya
    organization ALTX-SOFT
  • name Maria Mikhno
    organization ALTX-SOFT
  • name Richard Helbing
    organization baramundi software
  • name Evgeniy Pavlov
    organization ALTX-SOFT
definition_extensions
  • comment Mozilla Seamonkey is installed
    oval oval:org.mitre.oval:def:6372
  • comment Mozilla Thunderbird Mainline release is installed
    oval oval:org.mitre.oval:def:22093
  • comment Mozilla Firefox Mainline release is installed
    oval oval:org.mitre.oval:def:22259
description Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
family windows
id oval:org.mitre.oval:def:19254
status accepted
submitted 2013-11-01T16:31:26.748+04:00
title Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
version 29
redhat via4
advisories
  • rhsa
    id RHSA-2013:1791
  • rhsa
    id RHSA-2013:1829
rpms
  • nspr-0:4.10.2-2.el5_10
  • nspr-devel-0:4.10.2-2.el5_10
  • nss-0:3.15.3-3.el5_10
  • nss-devel-0:3.15.3-3.el5_10
  • nss-pkcs11-devel-0:3.15.3-3.el5_10
  • nss-tools-0:3.15.3-3.el5_10
  • nspr-0:4.10.2-1.el6_5
  • nspr-devel-0:4.10.2-1.el6_5
  • nss-util-0:3.15.3-1.el6_5
  • nss-util-devel-0:3.15.3-1.el6_5
  • nss-0:3.15.3-2.el6_5
  • nss-devel-0:3.15.3-2.el6_5
  • nss-pkcs11-devel-0:3.15.3-2.el6_5
  • nss-sysinit-0:3.15.3-2.el6_5
  • nss-tools-0:3.15.3-2.el6_5
refmap via4
bid 62966
bugtraq 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
confirm
debian DSA-2790
fulldisc 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
gentoo GLSA-201406-19
suse
  • SUSE-SU-2013:1678
  • openSUSE-SU-2013:1539
  • openSUSE-SU-2013:1542
ubuntu USN-2030-1
Last major update 30-12-2016 - 21:59
Published 22-10-2013 - 18:55
Last modified 09-10-2018 - 15:33