[414124] RSA signature malleability in NSS (CVE-2014-1568). Thanks to
Antoine Delignat-Lavaud of Prosecco/INRIA, Brian Smith and Advanced Threat Research team at Intel Security

Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug.

Karen Grünberg
Google Chrome

CPENameOperatorVersion
google chromelt37.0.2062.124

CPE	Name	Operator	Version
	google chrome	lt	37.0.2062.124

nessus 49

suse 6

prion 3

osv 3

debian 4

openvas 49

mozilla 1

centos 1

cert 1

fedora 9

archlinux 1

veracode 1

redhat 3

mageia 1

amazon 3

ubuntu 3

cve 3

freebsd 2

oraclelinux 2

checkpoint_advisories 1

debiancve 3

ubuntucve 2

redhatcve 1

alpinelinux 1

ibm 4

securityvulns 3

oracle 3

gentoo 1

nessus

Oracle Linux 5 / 6 / 7 : nss (ELSA-2014-1307)

2014-09-29 00:00:00

Mandriva Linux Security Advisory : nss (MDVSA-2014:189)

2014-09-26 00:00:00

Debian DSA-3034-1 : iceweasel - security update

2014-09-26 00:00:00

suse

NSS update to avoid signature forgery (critical)

2014-09-28 12:04:18

Security update for mozilla-nss (important)

2014-10-01 17:04:53

Security update for mozilla-nss (important)

2014-09-27 00:04:18

prion

Design/Logic Flaw

2014-09-25 17:55:00

Code injection

2018-11-07 20:29:00

Design/Logic Flaw

2018-09-26 21:29:00

osv

nss - security update

2014-09-25 00:00:00

CVE-2018-16253

2018-11-07 20:29:00

CVE-2018-16152

2018-09-26 21:29:01

debian

[SECURITY] [DSA 3033-1] nss security update

2014-09-25 00:23:40

[SECURITY] [DSA 3037-1] icedove security update

2014-09-26 19:31:43

[SECURITY] [DSA 3034-1] iceweasel security update

2014-09-25 06:25:14

openvas

CentOS Update for nss CESA-2014:1307 centos7

2014-10-01 00:00:00

Seamonkey RSA Spoof Vulnerability (Sep 2014) - Mac OS X

2014-09-30 00:00:00

Amazon Linux: Security Advisory (ALAS-2014-424)

2015-09-08 00:00:00

mozilla

RSA Signature Forgery in NSS — Mozilla

2014-09-24 00:00:00

centos

nss security update

2014-09-26 11:29:24

cert

Mozilla Network Security Services (NSS) fails to properly verify RSA signatures

2014-09-24 00:00:00

fedora

[SECURITY] Fedora 21 Update: nss-3.17.1-1.fc21

2014-09-29 04:00:07

[SECURITY] Fedora 21 Update: nss-util-3.17.1-1.fc21

2014-09-29 04:00:07

[SECURITY] Fedora 21 Update: nss-softokn-3.17.1-2.fc21

2014-09-29 04:00:06

archlinux

NSS: Signature forgery attack

2014-09-24 00:00:00

veracode

Spoofable RSA Signatures

2019-01-15 09:01:59

redhat

(RHSA-2014:1307) Important: nss security update

2014-09-26 00:00:00

(RHSA-2014:1371) Important: nss security update

2014-10-10 00:00:00

(RHSA-2014:1354) Critical: rhev-hypervisor6 security update

2014-10-02 00:00:00

mageia

Updated nss packages fix CVE-2014-1568

2014-09-26 19:55:04

amazon

Important: nss

2014-10-01 16:32:00

Important: nss-softokn

2014-10-01 16:32:00

Important: nss-util

2014-10-01 16:32:00

ubuntu

Thunderbird vulnerabilities

2014-09-24 00:00:00

Firefox vulnerabilities

2014-09-24 00:00:00

NSS vulnerability

2014-09-24 00:00:00

cve

CVE-2014-1568

2014-09-25 17:55:00

CVE-2018-16253

2018-11-07 20:29:00

CVE-2018-16152

2018-09-26 21:29:00

freebsd

chromium -- RSA signature malleability in NSS

2014-09-24 00:00:00

NSS -- RSA Signature Forgery

2014-09-23 00:00:00

oraclelinux

nss security update

2014-09-26 00:00:00

nss, nss-util, and nss-softokn security, bug fix, and enhancement update

2014-12-02 00:00:00

checkpoint_advisories

Mozilla Network Security Services RSA Signature Forgery (CVE-2014-1568)

2014-10-19 00:00:00

debiancve

CVE-2014-1568

2014-09-25 17:55:00

CVE-2018-16253

2018-11-07 20:29:00

CVE-2018-16152

2018-09-26 21:29:00

ubuntucve

CVE-2014-1568

2014-09-24 00:00:00

CVE-2018-16152

2018-09-24 00:00:00

redhatcve

CVE-2018-16152

2018-10-03 20:20:39

alpinelinux

CVE-2018-16152

2018-09-26 21:29:00

ibm

Security Bulletin: IBM Cognos Business Intelligence Server is affected by multiple vulnerabilities (CVE-2014-3566, CVE-2014-6145, CVE-2014-1568, CVE-2014-4263, CVE-2012-5784, CVE-2014-3513, CVE-2014-3567 and CVE-2014-3568).

2018-06-15 23:13:34

Security Bulletin: A security vulnerability has been identified in multiple products that ship with IBM Predictive Customer Intelligence (CVE-2014-3566)

2020-02-11 21:31:00

Security Bulletin: Tivoli Common Reporting iFixes for multiple Security Vulnerabilities (CVE-2014-3566,CVE-2014-6145,CVE-2014-1568,CVE-2014-4263,CVE-2014-3513,CVE-2014-3567,CVE-2014-3568,CVE-2014-0107,CVE-2014-0075,CVE-2014-0096,CVE-2014-0099,CVE-2014-011

2018-06-17 14:55:57

securityvulns

Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities

2015-04-17 00:00:00

Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities

2015-01-25 00:00:00

Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities

2015-07-20 00:00:00

oracle

Oracle Critical Patch Update - April 2015

2015-04-14 00:00:00

Oracle Critical Patch Update Advisory - January 2015

2015-03-10 00:00:00

Oracle Critical Patch Update Advisory - July 2015

2015-07-14 00:00:00

gentoo

Mozilla Products: Multiple vulnerabilities

2015-04-07 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.044 Low

EPSS

Percentile

92.3%

JSON

Related for GCSA-4515569786746850114