4 matches found
CVE-2015-7182
CVE-2015-7182: In Mozilla NSS, a heap-based overflow in the ASN.1 decoder (DER/BER handling) affects NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4. This can cause denial of service or possibly remote code execution via crafted OCTET ...
CVE-2013-1620
The CVE-2013-1620 entry concerns the TLS implementation in Mozilla NSS. It describes a timing-side‑channel flaw during a noncompliant CBC padding (MAC check) processing for malformed TLS records, allowing remote attackers to perform distinguishing attacks and plaintext-recovery through timing ana...
CVE-2010-4444
CVE-2010-4444 affects Oracle Sun Java System Access Manager and Oracle OpenSSO versions 7, 7.1, and 8. The connected documents describe an unspecified vulnerability that could impact confidentiality, integrity, and availability via unknown vectors, with a CVSSv2 base score of 6.8 (network access,...
CVE-2012-0079
CVE-2012-0079 is an Oracle OpenSSO issue affecting the OpenSSO Administration Component (Oracle OpenSSO 7.1/8.0). The vulnerability is described as a data manipulation/integrity issue with remote exploitation via unspecified administrative vectors; exploitation details are not disclosed in the pr...