Download
| Alert*
oval:org.secpod.oval:def:2000171
The __hash_open function in hash.c:229 in Mozilla Network Security Services allows context-dependent attackers to cause a denial of service via a crafted cert8.db file. oval:org.secpod.oval:def:2000803 Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. oval:org.secpod.oval:def:2000667 Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. oval:org.secpod.oval:def:2000457 Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. oval:org.secpod.oval:def:702992 nss: Network Security Service library Details: USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning change in Ubuntu 12.04 LTS caused a regression when building software against NSS. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-2903-1 i ... oval:org.secpod.oval:def:601352 libnss3-dev is installed oval:org.secpod.oval:def:601140 A flaw was found in the way the Mozilla Network Security Service library read uninitialized data when there was a decryption failure. A remote attacker could use this flaw to cause a denial of service for applications linked with the nss library. The oldstable distribution is not affected by this ... oval:org.secpod.oval:def:2001266 Cache side-channel variant of the Bleichenbacher attack oval:org.secpod.oval:def:1900140 NULL pointer dereference in several CMS functions result ing in a denial of service oval:org.secpod.oval:def:2001484 NULL pointer dereference in several CMS functions resulting in a denial of service oval:org.secpod.oval:def:69794 Two vulnerabilities were discovered in libnss3-dev, a set of cryptographic libraries, which may result in denial of service and potentially the execution of arbitrary code. oval:org.secpod.oval:def:2004176 This CVE is missing description oval:org.secpod.oval:def:601835 In nss, a set of libraries designed to support cross-platform development of security-enabled client and server applications, Tyson Smith and Jesse Schwartzentruber discovered a use-after-free vulnerability that allows remote attackers to execute arbitrary code by triggering the improper removal of ... |