Denial Of Service (DoS)

nss is vulnerable to denial of service DoS attacks. The vulnerability exists as the secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restrict...

libIEC61850 Buffer Overflow Vulnerability

libIEC61850 is an open source library for IEC 61850. A heap buffer overflow vulnerability exists in the 'BerEncoderencodeOctetString' function in the mms/asn1/berencoder.c file in libIEC61850 version 1.3, which can be exploited by an attacker to cause a denial of service or code execution...

libIEC61850 buffer overflow vulnerability (CNVD-2019-09613)

libIEC61850 is an open source GPLv3 implementation of the IEC 61850 client and server libraries. A heap buffer overflow vulnerability exists in BerEncoderencodeOctetString in mms/asn1/berencoder.c in libIEC61850 1.3, which can be exploited by an attacker to execute arbitrary code or cause a denia...

SUSE SLED12 / SLES12 Security Update : libtasn1 (SUSE-SU-2016:1601-1)

This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser bsc961491 - CVE-2015-3622: Fixed invalid read in octet string decoding bsc929414 - CVE-2016-4008: Fixed infinite loop while parsing DER...

SUSE SLES11 Security Update : libtasn1 (SUSE-SU-2016:1600-1)

This update for libtasn1 fixes the following issues : - Malformed asn1 definitions could have caused a segmentation fault in the asn1 definition parser bsc961491 - CVE-2015-3622: Fixed invalid read in octet string decoding bsc929414 - CVE-2016-4008: Fixed infinite loop while parsing DER...

The vulnerability of Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of Mozilla Network Security Services for Firefox and Firefox ESR browsers is caused by a buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code using specially crafted OCTET STRING data...

The vulnerability of Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure or execute arbitrary code.

The vulnerability of the secasn1dparseleaf function in the Mozilla Network Security Services browser components for Firefox and Firefox ESR is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code using specially crafted...

CVE-2015-7182

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service application crash or possibly...

DEBIAN-CVE-2015-7181

The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to caus...

CVE-2015-7181

The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to caus...

Heap overflow

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service application crash or possibly...

Design/Logic Flaw

The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to caus...

CVE-2015-7181

CVE-2015-7181 affects the NSS library: the sec_asn1d_parse_leaf function in NSS before 3.19.2.1 and 3.20.x before 3.20.1 improperly restricts access to an unspecified data structure, enabling a remote attacker to crash the application or potentially execute arbitrary code via crafted OCTET STRING...

nss: ASN.1 decoder heap overflow when decoding constructed OCTET STRING that mixes indefinite and definite length encodings (MFSA 2015-133)

A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library...

nss: ASN.1 decoder heap overflow when decoding constructed OCTET STRING that mixes indefinite and definite length encodings (MFSA 2015-133)

A heap-based buffer overflow flaw was found in the way NSS parsed certain ASN.1 structures. An attacker could use this flaw to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library...

CVE-2015-7181

The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to caus...

CVE-2015-7182

Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to cause a denial of service application crash or possibly...

UBUNTU-CVE-2015-7181

The secasn1dparseleaf function in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to caus...

DEBIAN-CVE-2008-2292

Buffer overflow in the snprintvalue function in snmpget in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair AVP...

CVE-2005-0185

Stack-based buffer overflow in NodeManager Professional 2.00 allows remote attackers to execute arbitrary commands via a LinkDown-Trap packet that contains a long OCTET-STRING in the Trap variable-bindings field...