Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61417
HistoryFeb 12, 2014 - 12:00 a.m.

Mozilla Network Security Services释放后重利用内存破坏漏洞(CVE-2014-1490)

2014-02-1200:00:00
Root
www.seebug.org
18

0.01 Low

EPSS

Percentile

82.3%

JSON

BUGTRAQ ID: 65335
CVE(CAN) ID: CVE-2014-1490

Mozilla Network Security Services是一组库,用于支持跨平台开发安全的客户端和服务器应用。

Mozilla Network Security Services 3.15.4之前版本中,libssl存在竞争条件,可使远程攻击者用恢复握手触发会话票据错误重置,导致拒绝服务。
0
Mozilla Network Security Services <= 3.15.4
厂商补丁:

Mozilla

Mozilla已经为此发布了一个安全公告(mfsa2014-12)以及相应补丁:
mfsa2014-12:NSS ticket handling issues
链接:http://www.mozilla.org/security/announce/2014/mfsa2014-12.html

Related

cve 1
ubuntucve 1
debiancve 1
prion 1
openvas 36
mozilla 1
nessus 36
centos 2
redhat 3
oraclelinux 2
f5 2
ibm 4
veracode 1
debian 1
ubuntu 3
suse 6
freebsd 1
securityvulns 1
oracle 4
gentoo 1
cve
cve
CVE-2014-1490
2014-02-06 05:44:00
ubuntucve
ubuntucve
CVE-2014-1490
2014-02-05 00:00:00
debiancve
debiancve
CVE-2014-1490
2014-02-06 05:44:00
prion
prion
Race condition
2014-02-06 05:44:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-12) - Linux
2021-11-11 00:00:00
CentOS Update for nss CESA-2014:1246 centos5
2014-10-01 00:00:00
RedHat Update for nss and nspr RHSA-2014:1246-01
2014-09-17 00:00:00
mozilla
mozilla
NSS ticket handling issues — Mozilla
2014-02-04 00:00:00
nessus
nessus
CentOS 5 : nss (CESA-2014:1246)
2014-10-01 00:00:00
Scientific Linux Security Update : nss and nspr on SL5.x i386/x86_64 (20140916)
2014-09-29 00:00:00
Oracle Linux 5 : nspr / nss (ELSA-2014-1246)
2014-09-18 00:00:00
centos
centos
nss security update
2014-09-30 11:21:57
nspr, nss security update
2014-07-23 02:49:51
redhat
redhat
(RHSA-2014:1246) Moderate: nss and nspr security, bug fix, and enhancement update
2014-09-16 00:00:00
(RHSA-2014:0917) Critical: nss and nspr security, bug fix, and enhancement update
2014-07-22 00:00:00
(RHSA-2014:0979) Moderate: rhev-hypervisor6 security and bug fix update
2014-07-29 00:00:00
oraclelinux
oraclelinux
nss and nspr security, bug fix, and enhancement update
2014-09-17 00:00:00
nss and nspr security, bug fix, and enhancement update
2014-07-22 00:00:00
f5
f5
SOL16716 - Multiple Mozilla NSS vulnerabilities
2015-06-05 00:00:00
K16716 : Multiple Mozilla NSS vulnerabilities
2015-09-17 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Network Security Services (NSS) and Netscape Portable Runtime (NSPR) affect IBM SAN Volume Controller and Storwize Family (CVE-2013-1740, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-1544, CVE-2014-1545)
2023-03-29 01:48:02
Security Bulletin: Vulnerabilities in Network Security Services (NSS) and Netscape Portable Runtime (NSPR) affect IBM SAN Volume Controller and Storwize Family (CVE-2013-1740, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-1544, CVE-2014-1545)
2022-08-20 00:54:31
Security Bulletin: Six (6) Vulnerabilities in Network Security Services (NSS) & Netscape Portable Runtime (NSPR) affect IBM FlashSystem and TMS RAMSAN 710, 720, 810, and 820 systems (CVE-2013-1740, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-154
2023-02-28 01:12:10
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:03:51
debian
debian
[SECURITY] [DSA 2858-1] iceweasel security update
2014-02-10 15:41:41
ubuntu
ubuntu
Thunderbird vulnerabilities
2014-02-19 00:00:00
Firefox regression
2014-02-19 00:00:00
Firefox vulnerabilities
2014-02-10 00:00:00
suse
suse
Mozilla updates February 2014 (important)
2014-02-08 13:04:12
Security update for MozillaFirefox (important)
2014-02-18 13:25:23
Security update for Mozilla Firefox (important)
2014-02-19 21:04:13
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-02-04 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-02-10 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2014
2014-07-15 00:00:00
Oracle Critical Patch Update - October 2014
2014-10-14 00:00:00
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00

0.01 Low

EPSS

Percentile

82.3%

JSON
Related for SSV:61417
cve1ubuntucve1debiancve1prion1openvas36mozilla1nessus36centos2redhat3oraclelinux2f52ibm4veracode1debian1ubuntu3suse6freebsd1securityvulns1oracle4gentoo1