NSS -- multiple vulnerabilities

2016-03-0800:00:00

vuxml.freebsd.org

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.042 Low

EPSS

Percentile

92.1%

JSON

Mozilla Foundation reports:

Security researcher Francis Gabriel reported a heap-based
buffer overflow in the way the Network Security Services
(NSS) libraries parsed certain ASN.1 structures. An attacker
could create a specially-crafted certificate which, when
parsed by NSS, would cause it to crash or execute arbitrary
code with the permissions of the user.

Mozilla developer Tim Taubert used the Address Sanitizer
tool and software fuzzing to discover a use-after-free
vulnerability while processing DER encoded keys in the
Network Security Services (NSS) libraries. The vulnerability
overwrites the freed memory with zeroes.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchnss= 3.20UNKNOWN
FreeBSDanynoarchnss< 3.21.1UNKNOWN
FreeBSDanynoarchlinux-c6-nss= 3.20UNKNOWN
FreeBSDanynoarchlinux-c6-nss< 3.21.0_1UNKNOWN
FreeBSDanynoarchlinux-firefox< 45.0,1UNKNOWN
FreeBSDanynoarchlinux-thunderbird< 38.7.0UNKNOWN
FreeBSDanynoarchlinux-seamonkey< 2.42UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	nss	= 3.20	UNKNOWN
FreeBSD	any	noarch	nss	< 3.21.1	UNKNOWN
FreeBSD	any	noarch	linux-c6-nss	= 3.20	UNKNOWN
FreeBSD	any	noarch	linux-c6-nss	< 3.21.0_1	UNKNOWN
FreeBSD	any	noarch	linux-firefox	< 45.0,1	UNKNOWN
FreeBSD	any	noarch	linux-thunderbird	< 38.7.0	UNKNOWN
FreeBSD	any	noarch	linux-seamonkey	< 2.42	UNKNOWN