Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2016-1978
HistoryMar 13, 2016 - 6:59 p.m.

Design/Logic Flaw

2016-03-1318:59:00
PRIOn knowledge base
www.prio-n.com
3

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.077 Low

EPSS

Percentile

94.0%

JSON

Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.

References

Related

cve 1
debiancve 1
veracode 1
f5 2
ubuntucve 1
mozilla 1
ibm 8
openvas 29
nessus 26
redhat 3
symantec 1
oraclelinux 3
centos 3
amazon 1
freebsd 1
ubuntu 1
debian 2
osv 2
suse 4
gentoo 1
oracle 1
cve
cve
CVE-2016-1978
2016-03-13 18:59:00
debiancve
debiancve
CVE-2016-1978
2016-03-13 18:59:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:11:20
f5
f5
K37540306 : Mozilla Network Security Services use-after-free vulnerability CVE-2016-1978
2016-11-15 00:00:00
SOL37540306 - Mozilla Network Security Services use-after-free vulnerability CVE-2016-1978
2016-11-15 00:00:00
ubuntucve
ubuntucve
CVE-2016-1978
2016-03-13 00:00:00
mozilla
mozilla
Use-after-free in NSS during SSL connections in low memory — Mozilla
2016-01-26 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in Network Security (NSS) affects IBM SAN Volume Controller and Storwize Family (CVE-2016-1978)
2023-03-29 01:48:02
Security Bulletin: Vulnerabilities in Network Security Services (NSS) affect the IBM FlashSystem models 840 and 900 (CVE-2016-1978)
2023-02-18 01:45:50
Security Bulletin: Vulnerabilities in Mozilla Firefox Network Security Services affect PowerKVM (CVE-2016-1978,CVE-2016-1979)
2018-06-18 01:32:18
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2016-15) - Linux
2021-11-08 00:00:00
Oracle: Security Advisory (ELSA-2016-0684)
2016-05-09 00:00:00
CentOS Update for nss-softokn CESA-2016:0685 centos7
2016-04-26 00:00:00
nessus
nessus
CentOS 7 : nspr / nss / nss-softokn / nss-util (CESA-2016:0685)
2016-04-27 00:00:00
CentOS 6 : nspr / nss / nss-util (CESA-2016:0591)
2016-04-07 00:00:00
Scientific Linux Security Update : nss, nspr, nss-softokn, and nss-util on SL7.x x86_64 (20160425)
2016-04-27 00:00:00
redhat
redhat
(RHSA-2016:0591) Moderate: nss, nss-util, and nspr security, bug fix, and enhancement update
2016-04-05 00:00:00
(RHSA-2016:0684) Moderate: nss and nspr security, bug fix, and enhancement update
2016-04-25 00:00:00
(RHSA-2016:0685) Moderate: nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update
2016-04-25 11:11:50
symantec
symantec
SA124 : NSS Vulnerabilities March 2016
2016-06-07 08:00:00
oraclelinux
oraclelinux
nss and nspr security, bug fix, and enhancement update
2016-04-25 00:00:00
nss, nss-util, and nspr security, bug fix, and enhancement update
2016-04-05 00:00:00
nss, nspr, nss-softokn, and nss-util security, bug fix, and enhancement update
2016-04-25 00:00:00
centos
centos
nspr, nss security update
2016-04-25 13:19:01
nspr, nss security update
2016-04-05 12:27:24
nspr, nss security update
2016-04-25 17:49:11
amazon
amazon
Medium: nspr, nss-util, nss, nss-softokn
2016-05-18 14:00:00
freebsd
freebsd
NSS -- multiple vulnerabilities
2016-01-26 00:00:00
ubuntu
ubuntu
Thunderbird vulnerabilities
2016-05-19 00:00:00
debian
debian
[SECURITY] [DLA 480-1] nss security update
2016-05-18 18:34:37
[SECURITY] [DSA 3688-1] nss security update
2016-10-05 20:20:43
osv
osv
nss - security update
2016-05-18 00:00:00
nss - security update
2016-10-05 00:00:00
suse
suse
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2016-03-15 19:12:14
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2016-03-30 15:07:52
Security update for MozillaFirefox, mozilla-nspr, mozilla-nss (important)
2016-03-11 20:11:56
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2016
2016-07-19 00:00:00

7.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.077 Low

EPSS

Percentile

94.0%

JSON
Related for PRION:CVE-2016-1978
cve1debiancve1veracode1f52ubuntucve1mozilla1ibm8openvas29nessus26redhat3symantec1oraclelinux3centos3amazon1freebsd1ubuntu1debian2osv2suse4gentoo1oracle1