7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.073 Low
EPSS
Percentile
93.4%
Several issues existed within the ASN.1 decoder used by NSS for handling
streaming BER data. While the majority of NSS uses a separate,
unaffected DER decoder, several public routines also accept BER data,
and thus are affected. An attacker that successfully exploited these
issues can overflow the heap and may be able to obtain remote code
execution.