cnvd - cnvd-2017-06447

cnvd-2017-06447

Vulnerability from cnvd

Title: Mozilla Network Security Services拒绝服务漏洞

Description:

Mozilla Network Security Services（NSS）是美国Mozilla基金会开发的一个函数库（网络安全服务库），它可跨平台提供SSL、S/MIME和其他Internet安全标准支持。

Mozilla NSS中存在安全漏洞。远程攻击者可利用该漏洞造成拒绝服务（越边界写入）。

Severity: 高

Patch Name: Mozilla Network Security Services拒绝服务漏洞的补丁

Patch Description:

Mozilla Network Security Services（NSS）是美国Mozilla基金会开发的一个函数库（网络安全服务库），它可跨平台提供SSL、S/MIME和其他Internet安全标准支持。

Mozilla NSS中存在安全漏洞。远程攻击者可利用该漏洞造成拒绝服务（越边界写入）。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下厂商提供的安全补丁以修复该漏洞： https://www.mozilla.com/

Reference: http://www.securityfocus.com/bid/98050 https://bugzilla.mozilla.org/show_bug.cgi?id=1344380 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes

Impacted products

Name
['Mozilla Network Security Services <=3.21.4', 'Mozilla Network Security Services >=3.22.，3.28.，<3.28.4', 'Mozilla Network Security Services 3.29.* ，<3.29.5', 'Mozilla Network Security Services 3.30.*，<3.30.1']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "98050"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-5461"
    }
  },
  "description": "Mozilla Network Security Services\uff08NSS\uff09\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u5f00\u53d1\u7684\u4e00\u4e2a\u51fd\u6570\u5e93\uff08\u7f51\u7edc\u5b89\u5168\u670d\u52a1\u5e93\uff09\uff0c\u5b83\u53ef\u8de8\u5e73\u53f0\u63d0\u4f9bSSL\u3001S/MIME\u548c\u5176\u4ed6Internet\u5b89\u5168\u6807\u51c6\u652f\u6301\u3002\r\n\r\nMozilla NSS\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d8a\u8fb9\u754c\u5199\u5165\uff09\u3002",
  "discovererName": "Ronald Crane",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttps://www.mozilla.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-06447",
  "openTime": "2017-05-14",
  "patchDescription": "Mozilla Network Security Services\uff08NSS\uff09\u662f\u7f8e\u56fdMozilla\u57fa\u91d1\u4f1a\u5f00\u53d1\u7684\u4e00\u4e2a\u51fd\u6570\u5e93\uff08\u7f51\u7edc\u5b89\u5168\u670d\u52a1\u5e93\uff09\uff0c\u5b83\u53ef\u8de8\u5e73\u53f0\u63d0\u4f9bSSL\u3001S/MIME\u548c\u5176\u4ed6Internet\u5b89\u5168\u6807\u51c6\u652f\u6301\u3002\r\n\r\nMozilla NSS\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\uff08\u8d8a\u8fb9\u754c\u5199\u5165\uff09\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Mozilla Network Security Services\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mozilla Network Security Services \u003c=3.21.4",
      "Mozilla Network Security Services \u003e=3.22.*\uff0c3.28.*\uff0c\u003c3.28.4",
      "Mozilla Network Security Services 3.29.* \uff0c\u003c3.29.5",
      "Mozilla Network Security Services 3.30.*\uff0c\u003c3.30.1"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/98050\r\nhttps://bugzilla.mozilla.org/show_bug.cgi?id=1344380 \r\nhttps://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes",
  "serverity": "\u9ad8",
  "submitTime": "2017-05-10",
  "title": "Mozilla Network Security Services\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}

CVE-2017-5461 (GCVE-0-2017-5461)

Vulnerability from cvelistv5

Published

2017-05-11 01:00

Modified

2024-08-05 15:04

Severity ?

CWE

Out-of-bounds write in Base64 encoding in NSS

Summary

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.

References

▼	URL	Tags
	https://security.gentoo.org/glsa/201705-04	vendor-advisory, x_refsource_GENTOO
	http://www.securityfocus.com/bid/98050	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:1103	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3831	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1100	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1102	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1101	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3872	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1038320	vdb-entry, x_refsource_SECTRACK
	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	x_refsource_CONFIRM
	https://www.oracle.com//security-alerts/cpujul2021.html	x_refsource_MISC
	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes	x_refsource_CONFIRM
	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes	x_refsource_CONFIRM
	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes	x_refsource_CONFIRM
	https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes	x_refsource_CONFIRM
	https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461	x_refsource_CONFIRM
	https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461	x_refsource_CONFIRM
	https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/#CVE-2017-5461	x_refsource_CONFIRM
	https://bugzilla.mozilla.org/show_bug.cgi?id=1344380	x_refsource_CONFIRM
	https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

Mozilla

Thunderbird

Version: unspecified < 52.1

	Mozilla	Firefox ESR	Version: unspecified < 45.9 Version: unspecified < 52.1
	Mozilla	Firefox	Version: unspecified < 53

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:04:14.289Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201705-04",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201705-04"
          },
          {
            "name": "98050",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/98050"
          },
          {
            "name": "RHSA-2017:1103",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1103"
          },
          {
            "name": "DSA-3831",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3831"
          },
          {
            "name": "RHSA-2017:1100",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1100"
          },
          {
            "name": "RHSA-2017:1102",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1102"
          },
          {
            "name": "RHSA-2017:1101",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1101"
          },
          {
            "name": "DSA-3872",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3872"
          },
          {
            "name": "1038320",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038320"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/#CVE-2017-5461"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1344380"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "52.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "45.9",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "52.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "53",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2017-05-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Out-of-bounds write in Base64 encoding in NSS",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-20T22:53:05",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "name": "GLSA-201705-04",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201705-04"
        },
        {
          "name": "98050",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/98050"
        },
        {
          "name": "RHSA-2017:1103",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1103"
        },
        {
          "name": "DSA-3831",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3831"
        },
        {
          "name": "RHSA-2017:1100",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1100"
        },
        {
          "name": "RHSA-2017:1102",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1102"
        },
        {
          "name": "RHSA-2017:1101",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1101"
        },
        {
          "name": "DSA-3872",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3872"
        },
        {
          "name": "1038320",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038320"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/#CVE-2017-5461"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1344380"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2017-5461",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Thunderbird",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "52.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Firefox ESR",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "45.9"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "52.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Firefox",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "53"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Mozilla"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Out-of-bounds write in Base64 encoding in NSS"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201705-04",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201705-04"
            },
            {
              "name": "98050",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/98050"
            },
            {
              "name": "RHSA-2017:1103",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1103"
            },
            {
              "name": "DSA-3831",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3831"
            },
            {
              "name": "RHSA-2017:1100",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1100"
            },
            {
              "name": "RHSA-2017:1102",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1102"
            },
            {
              "name": "RHSA-2017:1101",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:1101"
            },
            {
              "name": "DSA-3872",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2017/dsa-3872"
            },
            {
              "name": "1038320",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038320"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes",
              "refsource": "CONFIRM",
              "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes"
            },
            {
              "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes",
              "refsource": "CONFIRM",
              "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes"
            },
            {
              "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes",
              "refsource": "CONFIRM",
              "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes"
            },
            {
              "name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes",
              "refsource": "CONFIRM",
              "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes"
            },
            {
              "name": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461",
              "refsource": "CONFIRM",
              "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461"
            },
            {
              "name": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461",
              "refsource": "CONFIRM",
              "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461"
            },
            {
              "name": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/#CVE-2017-5461",
              "refsource": "CONFIRM",
              "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/#CVE-2017-5461"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1344380",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1344380"
            },
            {
              "name": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461",
              "refsource": "CONFIRM",
              "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2017-5461",
    "datePublished": "2017-05-11T01:00:00",
    "dateReserved": "2017-01-13T00:00:00",
    "dateUpdated": "2024-08-05T15:04:14.289Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted