9.2 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.104 Low
EPSS
Percentile
95.0%
Kaspar Brand discovered a vulnerability in how the Network Security
Services (NSS) ASN.1 decoder handles zero length items. If the user were
tricked into opening a specially crafted certificate, an attacker could
possibly exploit this to cause a denial of service via application crash.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.10 | noarch | libnss3-1d | < 3.12.9+ckbi-1.82-0ubuntu6.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | libnss3 | < 3.12.9+ckbi-1.82-0ubuntu6.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | libnss3-dbg | < 3.12.9+ckbi-1.82-0ubuntu6.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | libnss3-dev | < 3.12.9+ckbi-1.82-0ubuntu6.1 | UNKNOWN |
Ubuntu | 11.10 | noarch | libnss3-tools | < 3.12.9+ckbi-1.82-0ubuntu6.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | libnss3-1d | < 3.12.9+ckbi-1.82-0ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libnss3 | < 3.12.9+ckbi-1.82-0ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libnss3-dbg | < 3.12.9+ckbi-1.82-0ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libnss3-dev | < 3.12.9+ckbi-1.82-0ubuntu2.2 | UNKNOWN |
Ubuntu | 11.04 | noarch | libnss3-tools | < 3.12.9+ckbi-1.82-0ubuntu2.2 | UNKNOWN |