NSS vulnerability

2012-08-21T00:00:00
ID USN-1540-2
Type ubuntu
Reporter Ubuntu
Modified 2012-08-21T00:00:00

Description

USN-1540-1 fixed vulnerabilities in NSS. This update provides the corresponding updates for Ubuntu 12.04 LTS.

Original advisory details:

Kaspar Brand discovered a vulnerability in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. If the user were tricked into opening a specially crafted certificate, an attacker could possibly exploit this to cause a denial of service via application crash.