UbuntuUSN-1540-2NSS vulnerability
9.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.104 Low
EPSS
Percentile
95.0%
Releases
- Ubuntu 12.04
Packages
- nss - Network Security Service library
Details
USN-1540-1 fixed vulnerabilities in NSS. This update provides the
corresponding updates for Ubuntu 12.04 LTS.
Original advisory details:
Kaspar Brand discovered a vulnerability in how the Network Security
Services (NSS) ASN.1 decoder handles zero length items. If the user were
tricked into opening a specially crafted certificate, an attacker could
possibly exploit this to cause a denial of service via application crash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | libnss3 | < 3.13.1.with.ckbi.1.88-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libnss3-1d | < 3.13.1.with.ckbi.1.88-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libnss3-dbg | < 3.13.1.with.ckbi.1.88-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libnss3-dev | < 3.13.1.with.ckbi.1.88-1ubuntu6.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | libnss3-tools | < 3.13.1.with.ckbi.1.88-1ubuntu6.1 | UNKNOWN |
References
Related
9.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.104 Low
EPSS
Percentile
95.0%