CVE-2013-5605

Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.

Published : 2013-11-18 05:23 Updated : 2018-10-09 19:34

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Mozilla Network Security Services 3.15.1 cpe:/a:mozilla:network_security_services:3.15.1
Mozilla Network Security Services 3.14.2 cpe:/a:mozilla:network_security_services:3.14.2
Mozilla Network Security Services 3.14 cpe:/a:mozilla:network_security_services:3.14
Mozilla Network Security Services 3.14.4 cpe:/a:mozilla:network_security_services:3.14.4
Mozilla Network Security Services 3.15 cpe:/a:mozilla:network_security_services:3.15
Mozilla Network Security Services 3.14.1 cpe:/a:mozilla:network_security_services:3.14.1
Mozilla Network Security Services 3.15.2 cpe:/a:mozilla:network_security_services:3.15.2
Mozilla Network Security Services 3.14.3 cpe:/a:mozilla:network_security_services:3.14.3
  1. Mozilla (1) Search CVE
    1. Network Security Services (8) Search CVE
      1. 3.15.1
      2. 3.14.2
      3. 3.14
      4. 3.14.4
      5. 3.15
      6. 3.14.1
      7. 3.15.2
      8. 3.14.3

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

References

Source Link
CONFIRM http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
SUSE http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00000.html
SUSE http://lists.opensuse.org/opensuse-updates/2013-11/msg00078.html
SUSE http://lists.opensuse.org/opensuse-updates/2013-11/msg00080.html
REDHAT http://rhn.redhat.com/errata/RHSA-2013-1791.html
REDHAT http://rhn.redhat.com/errata/RHSA-2013-1829.html
REDHAT http://rhn.redhat.com/errata/RHSA-2013-1840.html
REDHAT http://rhn.redhat.com/errata/RHSA-2013-1841.html
REDHAT http://rhn.redhat.com/errata/RHSA-2014-0041.html
FULLDISC http://seclists.org/fulldisclosure/2014/Dec/23
GENTOO http://security.gentoo.org/glsa/glsa-201406-19.xml
DEBIAN http://www.debian.org/security/2013/dsa-2800
CONFIRM http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
CONFIRM http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
CONFIRM http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
BID http://www.securityfocus.com/bid/63738
UBUNTU http://www.ubuntu.com/usn/USN-2030-1
UBUNTU http://www.ubuntu.com/usn/USN-2031-1
UBUNTU http://www.ubuntu.com/usn/USN-2032-1
CONFIRM http://www.vmware.com/security/advisories/VMSA-2014-0012.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=934016
CONFIRM https://developer.mozilla.org/docs/NSS/NSS_3.14.5_release_notes
CONFIRM https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
GENTOO https://security.gentoo.org/glsa/201504-01
CONFIRM http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
BUGTRAQ http://www.securityfocus.com/archive/1/534161/100/0/threaded