5 matches found
The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
In this article 1. Pre-encryption 2. File encryption 3. Post-encryption 4. Defending against The Gentlemen ransomware 5. Microsoft Defender detections and hunting guidance 6. Indicators of compromise Ransomware that combines robust encryption with rapid lateral movement significantly increases th...
nss: Out-of-bounds read when importing curve25519 private key
When importing a curve25519 private key in PKCS8format with leading 0x00 bytes, it is possible to trigger an out-of-bounds read in the Network Security Services NSS library. This could lead to information disclosure. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8...
USN-4060-2 nss vulnerabilities
USN-4060-1 fixed several vulnerabilities in nss. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this...
USN-4060-1 nss vulnerabilities
Henry Corrigan-Gibbs discovered that NSS incorrectly handled importing certain curve25519 private keys. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly obtain sensitive information. CVE-2019-11719 Hubert Kario discovered that NSS incorrectly...
Mozilla Firefox Out-of-Bounds Read Vulnerability
Mozilla Firefox browser Firefox is a free, open source browser for Windows, Linux and MacOSX platforms. An out-of-bounds read vulnerability exists in the Network Security Services NSS library in Mozilla Firefox versions prior to 68 when importing a curve25519 private key in PKCS 8 format with a...