CVE-2014-1544
Vulnerability from cvelistv5
Published
2014-07-23 10:00
Modified
2024-08-06 09:42
Severity ?
Summary
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
References
security@mozilla.orghttp://secunia.com/advisories/59591
security@mozilla.orghttp://secunia.com/advisories/59719
security@mozilla.orghttp://secunia.com/advisories/59760
security@mozilla.orghttp://secunia.com/advisories/60083
security@mozilla.orghttp://secunia.com/advisories/60486
security@mozilla.orghttp://secunia.com/advisories/60621
security@mozilla.orghttp://secunia.com/advisories/60628
security@mozilla.orghttp://www.debian.org/security/2014/dsa-2986
security@mozilla.orghttp://www.debian.org/security/2014/dsa-2996
security@mozilla.orghttp://www.mozilla.org/security/announce/2014/mfsa2014-63.htmlVendor Advisory
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
security@mozilla.orghttp://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
security@mozilla.orghttp://www.securityfocus.com/bid/68816
security@mozilla.orghttp://www.securitytracker.com/id/1030617
security@mozilla.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=963150
security@mozilla.orghttps://security.gentoo.org/glsa/201504-01
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59591
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59719
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59760
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60083
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60486
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60621
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60628
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2986
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2014/dsa-2996
af854a3a-2127-422b-91ae-364da2661108http://www.mozilla.org/security/announce/2014/mfsa2014-63.htmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/68816
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1030617
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=963150
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201504-01
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:42:36.185Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
          },
          {
            "name": "59719",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59719"
          },
          {
            "name": "60083",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60083"
          },
          {
            "name": "68816",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/68816"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-63.html"
          },
          {
            "name": "60621",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60621"
          },
          {
            "name": "GLSA-201504-01",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201504-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "name": "1030617",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030617"
          },
          {
            "name": "DSA-2996",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2996"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963150"
          },
          {
            "name": "60486",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60486"
          },
          {
            "name": "60628",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60628"
          },
          {
            "name": "DSA-2986",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2014/dsa-2986"
          },
          {
            "name": "59760",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59760"
          },
          {
            "name": "59591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/59591"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-01-04T20:57:01",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
        },
        {
          "name": "59719",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59719"
        },
        {
          "name": "60083",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60083"
        },
        {
          "name": "68816",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/68816"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-63.html"
        },
        {
          "name": "60621",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60621"
        },
        {
          "name": "GLSA-201504-01",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201504-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
        },
        {
          "name": "1030617",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030617"
        },
        {
          "name": "DSA-2996",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2996"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963150"
        },
        {
          "name": "60486",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60486"
        },
        {
          "name": "60628",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60628"
        },
        {
          "name": "DSA-2986",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2014/dsa-2986"
        },
        {
          "name": "59760",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59760"
        },
        {
          "name": "59591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/59591"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2014-1544",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
            },
            {
              "name": "59719",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59719"
            },
            {
              "name": "60083",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60083"
            },
            {
              "name": "68816",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/68816"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-63.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-63.html"
            },
            {
              "name": "60621",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60621"
            },
            {
              "name": "GLSA-201504-01",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201504-01"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
            },
            {
              "name": "1030617",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030617"
            },
            {
              "name": "DSA-2996",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2996"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=963150",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=963150"
            },
            {
              "name": "60486",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60486"
            },
            {
              "name": "60628",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60628"
            },
            {
              "name": "DSA-2986",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2014/dsa-2986"
            },
            {
              "name": "59760",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59760"
            },
            {
              "name": "59591",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/59591"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2014-1544",
    "datePublished": "2014-07-23T10:00:00",
    "dateReserved": "2014-01-16T00:00:00",
    "dateUpdated": "2024-08-06T09:42:36.185Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-1544\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2014-07-23T11:12:42.777\",\"lastModified\":\"2024-11-21T02:04:32.330\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n CERT_DestroyCertificate en libnss3.so en Mozilla Network Security Services (NSS) 3.x, utilizado en Firefox anterior a 31.0, Firefox ESR 24.x anterior a 24.7 y Thunderbird anterior a 24.7, permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores que provocan cierta eliminaci\u00f3n indebida de una estructura NSSCertificate de un dominio de confianza.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"30.0\",\"matchCriteriaId\":\"3BD70C79-7EA7-49CB-B3D6-6C77E0C55BB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"18E772D1-DD0F-4F04-8BB4-9550F3C601E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:24.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"050A0328-B07A-4CC7-B42E-A034F3140032\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:24.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"732CC40B-BCBA-436B-956F-52BE28D9B79B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:24.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4DE4CBB-6604-4AF2-B499-06BCD9E213C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:24.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70ECF11D-B5D0-4EBA-9E1F-0978AF7C7818\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:24.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A237D8D8-5656-4537-AD08-30CB8B4DAD63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:24.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04B61AC7-E951-407F-A62E-490F9FEDE9C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:24.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9F70319-C8E4-4F54-9449-B0C3A59BF7C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:24.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CAD5F3B-54D7-425B-89D2-A3A86DE31BAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:24.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44D4B068-3456-4748-94BE-ACBA6A026570\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44E0E1D0-F71C-4A3F-B3EE-97B299EF2AE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47CD4C15-02C8-42F2-9AF3-E44F74DE62B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DDE473-7A61-46AD-9D3B-CA299928FD44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"046596DB-57EB-4354-A79E-B3B1D5B4DD26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0755B957-CB78-4B8E-9CFE-D53389789ADA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D292FA-E062-4C52-AE0A-CA7D183D9E2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83E1A0EA-9E2F-407F-A72F-D5061B6CD318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B565D82B-CAB8-4512-B7B7-0402146DD2B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68341EA6-4FF0-4F87-AC71-4EC5D648406C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A91596AC-3F28-4BBD-A697-81909A5407B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A57A5053-018B-468C-BC18-5140E6B5B048\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2962B1B-4B7F-4527-AE4C-C76787FEDB67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE921188-7A50-479F-853F-95127C9BE4E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F710939C-8598-40FE-9D5F-A3665723A5C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75572113-BD36-49BB-B7A1-177EB7DD3AA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F18265E-EE99-4D0F-B975-22A86077A611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5E3EA58-3FD3-4AD8-AA63-057F8D31301B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A51D3086-99CB-4C01-B286-3F7F6B6FB3AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACA7EB49-52A7-4AFC-9D7D-0225A430B636\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAD5F88F-038C-4973-8391-C40C08573F8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F474C4B3-B85D-4059-B5D9-84238A642EC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5BB4C26-42DC-48F7-B73B-4C88FD3D1E01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0FCC4537-605F-4A3B-AAD1-FC7D0F44F6B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E62D1D1B-985D-440B-AD23-3F16AEC8DA45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54B8C2DA-E663-437B-83DA-5521AF002C8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94C2A7CF-71DB-431C-8F13-E6F46961F68D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"000A1698-C9DE-49A1-9F5D-FDED34A134E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"601788BD-8B31-417F-AE7D-BE8E4107C1EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A99645-6A81-40C3-B46F-3D1ABF00EF00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EBCB20B-A367-485F-9115-04EABBE69C5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E38E21D-23A9-4D0D-B45B-AF019CD448F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33955B7C-ABA0-49E3-BEF8-AD29FD31DA5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42C5B25D-E039-427D-8655-FD6BB9302793\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6E3FD4C-57C7-49CC-B970-18FE767A5ABD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE6B5A1-2E92-427A-810F-0139632F4410\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"548E3AAC-3628-4CA4-98CF-7F3724F4355D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E39AD87-3C6C-4B2F-AC3C-84FDBE184440\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"99EDA73B-F030-48C0-AAC1-7B8FF1D9E54E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3720323-D3BD-4ACD-93B7-B1687E2B241B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3AA512E-B2EA-4C73-91B9-14BD5776EE53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7D2D713-5A78-4D78-BF0B-2BC1A621D4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CD0792F-A78A-420B-8069-67920BC5DEE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A05D7AA9-8EA2-4063-B853-FE1E3CA85B03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B591920E-38ED-4046-AD08-E31464C61A18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7456D704-3B98-42EC-929A-91BD1E95233F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27F38E50-AF67-4F2B-9DA2-0BDC4BE7D5BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"473B6DB5-D433-4B1C-9F0D-8260A143D437\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D87CDFCB-B9FF-49F4-88BA-49D14E6FA8FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3D4DE8E-7184-4A6B-87EA-A0B116EA0155\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADAF26C6-58D5-4273-803C-04A28FC86D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F8F3540-57BF-4B9D-B0A8-61B4220905B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"24.6\",\"matchCriteriaId\":\"E0B063ED-8BD8-4E14-8990-D23CCB0A20BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7CCAFDF1-10BB-4AB0-9C9D-E99DDBA901BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31EE89B8-705F-4A05-9015-3D6E81D394E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30AE3D4-6A3E-435E-BDBF-1A9A17297433\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0C705A0-62C0-485A-A077-C7DD426F80B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"66C802A7-E4D5-4D2D-9CE8-749A75DF7461\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E8A57FA-AC27-4288-8E42-97DECF3B993C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D474B11-98D0-41A3-A98B-CFB6955264AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:24.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BBD940E-9EF0-460B-A721-E70C719F2244\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/59591\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/59719\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/59760\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/60083\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/60486\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/60621\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/60628\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2986\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2996\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.mozilla.org/security/announce/2014/mfsa2014-63.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.securityfocus.com/bid/68816\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.securitytracker.com/id/1030617\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=963150\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://security.gentoo.org/glsa/201504-01\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://secunia.com/advisories/59591\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59719\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/59760\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60083\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60486\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60621\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60628\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2014/dsa-2996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.mozilla.org/security/announce/2014/mfsa2014-63.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/68816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1030617\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=963150\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201504-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/416.html\\\" target=\\\"_blank\\\"\u003eCWE-416: Use After Free\u003c/a\u003e\"}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.