Heap overflow

Heap-based buffer overflow in the hashopen function in lib/dbm/src/hash.c in Mozilla Network Security Services NSS allows context-dependent attackers to have unspecified impact using a crafted cert8.db file...

CVE-2017-11696

CVE-2017-11696 is a heap-based buffer overflow in NSS (hash_open in lib/dbm/src/hash.c) exploitable via a crafted cert8.db file. Connected sources confirm the NSS library is affected and provide remediation guidance: upgrade to a newer NSS version, e.g., Gentoo GLSA-202003-37/GLSA 202003-37 recom...

CVE-2017-11695

CVE-2017-11695 : Heap-based buffer overflow in the alloc_segs function of NSS (lib/dbm/src/hash.c) used by Mozilla NSS when processing crafted cert8.db files. Exploitation is context-dependent with unspecified impact per the entry. Public details explicitly describe the overflow but do not specif...

CVE-2017-11695

Heap-based buffer overflow in the allocsegs function in lib/dbm/src/hash.c in Mozilla Network Security Services NSS allows context-dependent attackers to have unspecified impact using a crafted cert8.db file...

CVE-2017-11695

Heap-based buffer overflow in the allocsegs function in lib/dbm/src/hash.c in Mozilla Network Security Services NSS allows context-dependent attackers to have unspecified impact using a crafted cert8.db file...