ID CVE-2017-5461
Summary Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.
References
Vulnerable Configurations
  • cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.19.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.19.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.20.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.20.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.21.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.21.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.30:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.30:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.22.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.22.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.22.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.22.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.23:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.23:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.24:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.24:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.25:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.25:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.26:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.26:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*
    cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 20-07-2021 - 23:15)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1440080
    title CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 7 is installed
        oval oval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • comment nss-util is earlier than 0:3.28.4-1.0.el7_3
            oval oval:com.redhat.rhsa:tst:20171100001
          • comment nss-util is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364016
        • AND
          • comment nss-util-devel is earlier than 0:3.28.4-1.0.el7_3
            oval oval:com.redhat.rhsa:tst:20171100003
          • comment nss-util-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364018
        • AND
          • comment nss is earlier than 0:3.28.4-1.0.el7_3
            oval oval:com.redhat.rhsa:tst:20171100005
          • comment nss is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364006
        • AND
          • comment nss-devel is earlier than 0:3.28.4-1.0.el7_3
            oval oval:com.redhat.rhsa:tst:20171100007
          • comment nss-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364008
        • AND
          • comment nss-pkcs11-devel is earlier than 0:3.28.4-1.0.el7_3
            oval oval:com.redhat.rhsa:tst:20171100009
          • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364010
        • AND
          • comment nss-sysinit is earlier than 0:3.28.4-1.0.el7_3
            oval oval:com.redhat.rhsa:tst:20171100011
          • comment nss-sysinit is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364012
        • AND
          • comment nss-tools is earlier than 0:3.28.4-1.0.el7_3
            oval oval:com.redhat.rhsa:tst:20171100013
          • comment nss-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364014
    • AND
      • comment Red Hat Enterprise Linux 6 is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • comment nss-util is earlier than 0:3.28.4-1.el6_9
            oval oval:com.redhat.rhsa:tst:20171100016
          • comment nss-util is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364016
        • AND
          • comment nss-util-devel is earlier than 0:3.28.4-1.el6_9
            oval oval:com.redhat.rhsa:tst:20171100017
          • comment nss-util-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364018
        • AND
          • comment nss is earlier than 0:3.28.4-1.el6_9
            oval oval:com.redhat.rhsa:tst:20171100018
          • comment nss is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364006
        • AND
          • comment nss-devel is earlier than 0:3.28.4-1.el6_9
            oval oval:com.redhat.rhsa:tst:20171100019
          • comment nss-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364008
        • AND
          • comment nss-pkcs11-devel is earlier than 0:3.28.4-1.el6_9
            oval oval:com.redhat.rhsa:tst:20171100020
          • comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364010
        • AND
          • comment nss-sysinit is earlier than 0:3.28.4-1.el6_9
            oval oval:com.redhat.rhsa:tst:20171100021
          • comment nss-sysinit is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364012
        • AND
          • comment nss-tools is earlier than 0:3.28.4-1.el6_9
            oval oval:com.redhat.rhsa:tst:20171100022
          • comment nss-tools is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhba:tst:20150364014
    rhsa
    id RHSA-2017:1100
    released 2017-04-20
    severity Critical
    title RHSA-2017:1100: nss and nss-util security update (Critical)
  • bugzilla
    id 1440080
    title CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment nss is earlier than 0:3.21.4-1.el5_11
            oval oval:com.redhat.rhsa:tst:20171101001
          • comment nss is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925006
        • AND
          • comment nss-devel is earlier than 0:3.21.4-1.el5_11
            oval oval:com.redhat.rhsa:tst:20171101003
          • comment nss-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925008
        • AND
          • comment nss-pkcs11-devel is earlier than 0:3.21.4-1.el5_11
            oval oval:com.redhat.rhsa:tst:20171101005
          • comment nss-pkcs11-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925010
        • AND
          • comment nss-tools is earlier than 0:3.21.4-1.el5_11
            oval oval:com.redhat.rhsa:tst:20171101007
          • comment nss-tools is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhba:tst:20150925012
    rhsa
    id RHSA-2017:1101
    released 2017-04-20
    severity Critical
    title RHSA-2017:1101: nss security update (Critical)
  • rhsa
    id RHSA-2017:1102
  • rhsa
    id RHSA-2017:1103
rpms
  • nss-0:3.28.4-1.0.el7_3
  • nss-0:3.28.4-1.el6_9
  • nss-debuginfo-0:3.28.4-1.0.el7_3
  • nss-debuginfo-0:3.28.4-1.el6_9
  • nss-devel-0:3.28.4-1.0.el7_3
  • nss-devel-0:3.28.4-1.el6_9
  • nss-pkcs11-devel-0:3.28.4-1.0.el7_3
  • nss-pkcs11-devel-0:3.28.4-1.el6_9
  • nss-sysinit-0:3.28.4-1.0.el7_3
  • nss-sysinit-0:3.28.4-1.el6_9
  • nss-tools-0:3.28.4-1.0.el7_3
  • nss-tools-0:3.28.4-1.el6_9
  • nss-util-0:3.28.4-1.0.el7_3
  • nss-util-0:3.28.4-1.el6_9
  • nss-util-debuginfo-0:3.28.4-1.0.el7_3
  • nss-util-debuginfo-0:3.28.4-1.el6_9
  • nss-util-devel-0:3.28.4-1.0.el7_3
  • nss-util-devel-0:3.28.4-1.el6_9
  • nss-0:3.21.4-1.el5_11
  • nss-debuginfo-0:3.21.4-1.el5_11
  • nss-devel-0:3.21.4-1.el5_11
  • nss-pkcs11-devel-0:3.21.4-1.el5_11
  • nss-tools-0:3.21.4-1.el5_11
  • nss-util-0:3.13.1-11.el6_2
  • nss-util-0:3.14.3-9.el6_4
  • nss-util-0:3.16.1-5.el6_5
  • nss-util-0:3.19.1-4.el6_6
  • nss-util-0:3.21.4-1.el6_7
  • nss-util-0:3.21.4-1.el7_2
  • nss-util-debuginfo-0:3.13.1-11.el6_2
  • nss-util-debuginfo-0:3.14.3-9.el6_4
  • nss-util-debuginfo-0:3.16.1-5.el6_5
  • nss-util-debuginfo-0:3.19.1-4.el6_6
  • nss-util-debuginfo-0:3.21.4-1.el6_7
  • nss-util-debuginfo-0:3.21.4-1.el7_2
  • nss-util-devel-0:3.13.1-11.el6_2
  • nss-util-devel-0:3.14.3-9.el6_4
  • nss-util-devel-0:3.16.1-5.el6_5
  • nss-util-devel-0:3.19.1-4.el6_6
  • nss-util-devel-0:3.21.4-1.el6_7
  • nss-util-devel-0:3.21.4-1.el7_2
  • nss-0:3.14.3-11.el5_9
  • nss-debuginfo-0:3.14.3-11.el5_9
  • nss-devel-0:3.14.3-11.el5_9
  • nss-pkcs11-devel-0:3.14.3-11.el5_9
  • nss-tools-0:3.14.3-11.el5_9
refmap via4
bid 98050
confirm
debian
  • DSA-3831
  • DSA-3872
gentoo GLSA-201705-04
sectrack 1038320
Last major update 20-07-2021 - 23:15
Published 11-05-2017 - 01:29
Last modified 20-07-2021 - 23:15
Back to Top