8.7 High
AI Score
Confidence
High
7.1 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
48.9%
Untrusted search path vulnerability in Mozilla Network Security Services (NSS), as used in Google Chrome before 17 on Windows and Mac OS X, might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory. NOTE: the vendor’s response was “Strange behavior, but we’re not treating this as a security bug.”
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | nss | < 3.13.1.with.ckbi.1.88-1 | nss_3.13.1.with.ckbi.1.88-1_all.deb |
Debian | 11 | all | nss | < 3.13.1.with.ckbi.1.88-1 | nss_3.13.1.with.ckbi.1.88-1_all.deb |
Debian | 10 | all | nss | < 3.13.1.with.ckbi.1.88-1 | nss_3.13.1.with.ckbi.1.88-1_all.deb |
Debian | 999 | all | nss | < 3.13.1.with.ckbi.1.88-1 | nss_3.13.1.with.ckbi.1.88-1_all.deb |
Debian | 13 | all | nss | < 3.13.1.with.ckbi.1.88-1 | nss_3.13.1.with.ckbi.1.88-1_all.deb |