Lucene search
Ubuntu.comUB:CVE-2013-5606HistoryNov 14, 2013 - 12:00 a.m.
CVE-2013-5606
2013-11-1400:00:00
ubuntu.com
ubuntu.com
16
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.008 Low
EPSS
Percentile
81.4%
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network
Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return
value for an incompatible key-usage certificate when the CERTVerifyLog
argument is valid, which might allow remote attackers to bypass intended
access restrictions via a crafted certificate.
Bugs
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | nss | < 3.15.3-0ubuntu0.10.04.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | nss | < 3.15.3-0ubuntu0.12.04.1 | UNKNOWN |
| ubuntu | 12.10 | noarch | nss | < 3.15.3-0ubuntu0.12.10.1 | UNKNOWN |
| ubuntu | 13.04 | noarch | nss | < 2:3.15.3-0ubuntu0.13.04.1 | UNKNOWN |
| ubuntu | 13.10 | noarch | nss | < 2:3.15.3-0ubuntu0.13.10.1 | UNKNOWN |
Related
cve
cve
CVE-2013-5606
2013-11-18 05:23:00
debiancve
debiancve
CVE-2013-5606
2013-11-18 05:23:00
prion
prion
Design/Logic Flaw
2013-11-18 05:23:00
fedora
fedora
[SECURITY] Fedora 19 Update: nss-3.15.3.1-1.fc19
2014-01-05 12:35:19
[SECURITY] Fedora 19 Update: nss-softokn-3.15.3-1.fc19
2013-12-15 03:36:48
[SECURITY] Fedora 20 Update: nss-util-3.15.3-1.fc20
2013-12-14 02:52:25
openvas
openvas
Fedora Update for nss-util FEDORA-2013-23479
2013-12-23 00:00:00
Fedora Update for nss-softokn FEDORA-2013-23479
2013-12-23 00:00:00
Fedora Update for nss-util FEDORA-2013-23301
2013-12-17 00:00:00
nessus
nessus
OracleVM 3.3 : nss (OVMSA-2014-0014)
2014-11-26 00:00:00
OracleVM 3.3 : nss-util (OVMSA-2014-0015)
2014-11-26 00:00:00
SeaMonkey < 2.22.1 NSS and NSPR Multiple Vulnerabilities
2013-11-18 00:00:00
osv
osv
nss - security update
2014-07-31 00:00:00
nss - security update
2014-07-31 00:00:00
suse
suse
Security update for mozilla-nspr, mozilla-nss (important)
2013-12-02 20:04:14
debian
debian
[DLA 23-1] nss security update
2014-07-31 11:23:33
[SECURITY] [DSA 2994-1] nss security update
2014-07-31 11:51:32
ubuntu
ubuntu
NSS vulnerabilities
2013-11-18 00:00:00
oraclelinux
oraclelinux
nss, nss-util, and nss-softokn security, bug fix, and enhancement update
2014-12-02 00:00:00
nss, nspr, and nss-util security update
2013-12-12 00:00:00
nss and nspr security, bug fix, and enhancement update
2013-12-05 00:00:00
mageia
mageia
Updated firefox, rootcerts, nspr & nss packages fix security vulnerabilities
2013-11-21 00:54:49
securityvulns
securityvulns
Mozilla nss security vulnerabilities
2013-11-26 00:00:00
mozilla
mozilla
Miscellaneous Network Security Services (NSS) vulnerabilities — Mozilla
2013-11-15 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:00:20
Authentication Bypass
2019-05-02 05:00:22
Denial Of Service (DoS)
2019-05-02 05:00:22
amazon
amazon
Important: nspr
2013-12-17 21:31:00
Important: nss
2013-12-17 21:31:00
centos
centos
nspr, nss security update
2013-12-13 00:04:31
nspr, nss security update
2013-12-05 17:45:58
redhat
redhat
(RHSA-2013:1791) Important: nss and nspr security, bug fix, and enhancement update
2013-12-05 00:00:00
(RHSA-2013:1829) Important: nss, nspr, and nss-util security update
2013-12-12 00:00:00
(RHSA-2014:0041) Important: rhev-hypervisor6 security update
2014-01-21 00:00:00
gentoo
gentoo
Mozilla Network Security Service: Multiple vulnerabilities
2014-06-21 00:00:00
Mozilla Products: Multiple vulnerabilities
2015-04-07 00:00:00
oracle
oracle
Oracle Critical Patch Update - July 2014
2014-07-15 00:00:00
Oracle Critical Patch Update - October 2014
2014-10-14 00:00:00
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
0.008 Low
EPSS
Percentile
81.4%
Related for UB:CVE-2013-5606