CVE-2016-1950

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

Published : 2016-03-13 18:59 Updated : 2019-03-08 16:06

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
Mozilla Firefox Esr 38.1.0 cpe:/a:mozilla:firefox_esr:38.1.0
Mozilla Firefox Esr 38.0.1 cpe:/a:mozilla:firefox_esr:38.0.1
Oracle Glassfish Server 2.1.1 cpe:/a:oracle:glassfish_server:2.1.1
Mozilla Firefox Esr 38.3.0 cpe:/a:mozilla:firefox_esr:38.3.0
Mozilla Firefox Esr 38.2.1 cpe:/a:mozilla:firefox_esr:38.2.1
Mozilla Firefox Esr 38.2.0 cpe:/a:mozilla:firefox_esr:38.2.0
Mozilla Firefox Esr 38.1.1 cpe:/a:mozilla:firefox_esr:38.1.1
Oracle Iplanet Web Proxy Server 4.0 cpe:/a:oracle:iplanet_web_proxy_server:4.0
Mozilla Firefox Esr 38.5.0 cpe:/a:mozilla:firefox_esr:38.5.0
Mozilla Firefox Esr 38.0.5 cpe:/a:mozilla:firefox_esr:38.0.5
Mozilla Firefox Esr 38.4.0 cpe:/a:mozilla:firefox_esr:38.4.0
Mozilla Firefox Esr 38.6.1 cpe:/a:mozilla:firefox_esr:38.6.1
Mozilla Firefox Esr 38.6.0 cpe:/a:mozilla:firefox_esr:38.6.0
Mozilla Firefox Esr 38.5.1 cpe:/a:mozilla:firefox_esr:38.5.1
Oracle Vm Server 3.2 cpe:/o:oracle:vm_server:3.2
Apple Mac Os X 10.11.3 cpe:/o:apple:mac_os_x:10.11.3
Oracle Linux 7.0 cpe:/o:oracle:linux:7.0
Mozilla Firefox 44.0.2 cpe:/a:mozilla:firefox:44.0.2
Oracle Linux 6.0 cpe:/o:oracle:linux:6.0
Oracle Linux 5.0 cpe:/o:oracle:linux:5.0
Apple Iphone Os 9.2.1 cpe:/o:apple:iphone_os:9.2.1
Mozilla Network Security Services 3.20.1 cpe:/a:mozilla:network_security_services:3.20.1
Apple Watchos 2.1 cpe:/o:apple:watchos:2.1
Oracle Iplanet Web Server 7.0 cpe:/a:oracle:iplanet_web_server:7.0
Mozilla Firefox Esr 38.0 cpe:/a:mozilla:firefox_esr:38.0
Mozilla Network Security Services 3.19.2 cpe:/a:mozilla:network_security_services:3.19.2
Mozilla Network Security Services 3.20 cpe:/a:mozilla:network_security_services:3.20
Mozilla Network Security Services 3.21 cpe:/a:mozilla:network_security_services:3.21
Opensuse Opensuse 13.1 cpe:/o:opensuse:opensuse:13.1
Apple Tvos 9.1 cpe:/o:apple:tvos:9.1
  1. Opensuse (1) Search CVE
    1. Opensuse (1) Search CVE
      1. 13.1
  2. Oracle (5) Search CVE
    1. Iplanet Web Server (1) Search CVE
      1. 7.0
    2. Linux (3) Search CVE
      1. 7.0
      2. 6.0
      3. 5.0
    3. Glassfish Server (1) Search CVE
      1. 2.1.1
    4. Vm Server (1) Search CVE
      1. 3.2
    5. Iplanet Web Proxy Server (1) Search CVE
      1. 4.0
  3. Apple (4) Search CVE
    1. Watchos (1) Search CVE
      1. 2.1
    2. Mac Os X (1) Search CVE
      1. 10.11.3
    3. Iphone Os (1) Search CVE
      1. 9.2.1
    4. Tvos (1) Search CVE
      1. 9.1
  4. Mozilla (3) Search CVE
    1. Firefox (1) Search CVE
      1. 44.0.2
    2. Firefox Esr (13) Search CVE
      1. 38.1.0
      2. 38.0.1
      3. 38.3.0
      4. 38.2.1
      5. 38.2.0
      6. 38.1.1
      7. 38.5.0
      8. 38.0.5
      9. 38.4.0
      10. 38.6.1
      11. 38.6.0
      12. 38.5.1
      13. 38.0
    3. Network Security Services (4) Search CVE
      1. 3.20.1
      2. 3.19.2
      3. 3.20
      4. 3.21

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

References

Source Link
APPLE http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
APPLE http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
APPLE http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
APPLE http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
REDHAT http://rhn.redhat.com/errata/RHSA-2016-0495.html
DEBIAN http://www.debian.org/security/2016/dsa-3510
DEBIAN http://www.debian.org/security/2016/dsa-3520
CONFIRM http://www.mozilla.org/security/announce/2016/mfsa2016-35.html
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
CONFIRM http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
CONFIRM http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
BID http://www.securityfocus.com/bid/84223
SECTRACK http://www.securitytracker.com/id/1035215
UBUNTU http://www.ubuntu.com/usn/USN-2917-1
UBUNTU http://www.ubuntu.com/usn/USN-2917-2
UBUNTU http://www.ubuntu.com/usn/USN-2917-3
UBUNTU http://www.ubuntu.com/usn/USN-2924-1
UBUNTU http://www.ubuntu.com/usn/USN-2934-1
CONFIRM https://bto.bluecoat.com/security-advisory/sa119
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=1245528
CONFIRM https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes
CONFIRM https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
GENTOO https://security.gentoo.org/glsa/201605-06
CONFIRM https://support.apple.com/HT206166
CONFIRM https://support.apple.com/HT206167
CONFIRM https://support.apple.com/HT206168
CONFIRM https://support.apple.com/HT206169
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
DEBIAN http://www.debian.org/security/2016/dsa-3688

History of changes

Date Event
2019-03-08 16:06
2018-10-30 16:27
2017-11-04 01:29
2017-10-20 01:29
2017-08-09 05:26
2016-03-13 18:59

New CVE