Several issues existed within the ASN.1 decoder used by NSS for handling
streaming BER data. While the majority of NSS uses a separate,
unaffected DER decoder, several public routines also accept BER data,
and thus are affected. An attacker that successfully exploited these
issues can overflow the heap and may be able to obtain remote code
execution.