The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2013-04-03 04:56
Updated : 2022-12-21 08:17
NVD link : CVE-2013-0791
Mitre link : CVE-2013-0791
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_eus
mozilla
- firefox_esr
- thunderbird
- firefox
- network_security_services
- seamonkey
- thunderbird_esr
canonical
- ubuntu_linux
oracle
- vm_server