ID CVE-2013-1741
Summary Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 09-10-2018 - 19:34)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2013:1791
  • rhsa
    id RHSA-2013:1829
rpms
  • nspr-0:4.10.2-2.el5_10
  • nspr-devel-0:4.10.2-2.el5_10
  • nss-0:3.15.3-3.el5_10
  • nss-devel-0:3.15.3-3.el5_10
  • nss-pkcs11-devel-0:3.15.3-3.el5_10
  • nss-tools-0:3.15.3-3.el5_10
  • nspr-0:4.10.2-1.el6_5
  • nspr-devel-0:4.10.2-1.el6_5
  • nss-util-0:3.15.3-1.el6_5
  • nss-util-devel-0:3.15.3-1.el6_5
  • nss-0:3.15.3-2.el6_5
  • nss-devel-0:3.15.3-2.el6_5
  • nss-pkcs11-devel-0:3.15.3-2.el6_5
  • nss-sysinit-0:3.15.3-2.el6_5
  • nss-tools-0:3.15.3-2.el6_5
refmap via4
apple
  • APPLE-SA-2015-06-30-1
  • APPLE-SA-2015-06-30-2
bid 63736
bugtraq 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
confirm
debian DSA-2994
fulldisc 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
gentoo
  • GLSA-201406-19
  • GLSA-201504-01
suse
  • SUSE-SU-2013:1807
  • openSUSE-SU-2013:1732
ubuntu
  • USN-2030-1
  • USN-2031-1
  • USN-2032-1
Last major update 09-10-2018 - 19:34
Published 18-11-2013 - 05:23
Back to Top