19 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-1938
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The smpdiv function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, improperly divides...
RHEL 7 : nss (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Mozilla NSS: Errors in mpdiv and mpexptmod cryptographic functions CVE-2016-1938 - SSL/TLS: Birthday atta...
[SECURITY] [DSA 3688-1] nss security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3688-1 [email protected] https://www.debian.org/security/ Florian Weimer October 05, 2016 https://www.debian.org/security/faq -...
Ubuntu 14.04 LTS / 16.04 LTS : Thunderbird vulnerabilities (USN-2973-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2973-1 advisory. Christian Holler, Tyson Smith, and Phil Ringalda discovered multiple memory safety issues in Thunderbird. If a user were tricked in to openin...
Debian DLA-480-1 : nss security update
This security update fixes serious security issues in NSS including arbitrary code execution and remote denial service attacks. For Debian 7 'wheezy', these problems have been fixed in 3.14.5-1+deb7u6. We recommend you upgrade your nss packages as soon as possible. CVE-2015-7181 The...
[SECURITY] [DLA 480-1] nss security update
Package : nss Version : 3.14.5-1+deb7u6 CVE ID : CVE-2015-7181 CVE-2015-7182 CVE-2016-1938 CVE-2016-1950 CVE-2016-1978 CVE-2016-1979 This security update fixes serious security issues in NSS including arbitrary code execution and remote denial service attacks. For Debian 7 "wheezy", these problem...
DLA-480-1 nss - security update
Bulletin has no description...
[SECURITY] [DLA 427-1] nss security update
Package : nss Version : 3.12.8-1+squeeze14 CVE ID : CVE-2016-1938 The smpdiv function in Mozilla Network Security Services NSS before 3.21, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the 1 mpdiv or...
Ubuntu: Security Advisory (USN-2903-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 12.04 LTS : nss regression (USN-2903-2)
USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning change in Ubuntu 12.04 LTS caused a regression when building software against NSS. This update fixes the problem. We apologize for the inconvenience. Hanno Bock discovered that NSS incorrectly handled certain division...
Ubuntu 14.04 LTS : NSS vulnerability (USN-2903-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2903-1 advisory. Hanno Bck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic weaknesses. CVE-2016-1938 This update also refresh...
Security update for the MozillaFirefox, mozilla-nss and mozilla-nspr (important)
This update to MozillaFirefox fixes several security issues and bugs. Mozilla Firefox was updated to 44.0. Mozilla NSS was updated to 3.21 Mozilla NSPR was updated to 4.11. The following vulnerabilities were fixed: CVE-2016-1930/CVE-2016-1931: Miscellaneous memory safety hazards boo963633...
openSUSE: Security Advisory for Mozilla (openSUSE-SU-2016:0306-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2016:0309-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-1938
The smpdiv function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the 1 mpdiv or 2...
CVE-2016-1938
CVE-2016-1938 affects Mozilla NSS up to version 3.21, used by Firefox prior to 44.0. The issue is in the s_mp_div function in lib/freebl/mpi/mpi.c, where numbers are divided incorrectly, potentially allowing remote attackers to defeat cryptographic protections by leveraging use of mp_div or mp_ex...
Mozilla Firefox Multiple Vulnerabilities (Jan 2016) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
Ubuntu: Security Advisory (USN-2880-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-1938
The smpdiv function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services NSS before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the 1 mpdiv or 2...