CVE-2017-5461 - Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x b

CVE-2017-5461

Summary

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.

References

Vulnerable Configurations

cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:-:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.7.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.9.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.10.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.11.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.14.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.15.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.2.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.16.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.17.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.18.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.2.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.19.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.20.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.20.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.21.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.30:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.30:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.22.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.22.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.22.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.22.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.23:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.23:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.24:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.24:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.25:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.25:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.26:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.26:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 20-07-2021 - 23:15)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

redhat via4

advisories

bugzilla

id	1440080
title	CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment nss-util is earlier than 0:3.28.4-1.0.el7_3
oval oval:com.redhat.rhsa:tst:20171100001
comment nss-util is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364016

AND

comment nss-util-devel is earlier than 0:3.28.4-1.0.el7_3
oval oval:com.redhat.rhsa:tst:20171100003
comment nss-util-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364018

AND
comment nss is earlier than 0:3.28.4-1.0.el7_3
oval oval:com.redhat.rhsa:tst:20171100005
comment nss is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364006
AND
comment nss-devel is earlier than 0:3.28.4-1.0.el7_3
oval oval:com.redhat.rhsa:tst:20171100007
comment nss-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364008

AND

comment nss-pkcs11-devel is earlier than 0:3.28.4-1.0.el7_3
oval oval:com.redhat.rhsa:tst:20171100009
comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364010

AND
comment nss-sysinit is earlier than 0:3.28.4-1.0.el7_3
oval oval:com.redhat.rhsa:tst:20171100011
comment nss-sysinit is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364012
AND
comment nss-tools is earlier than 0:3.28.4-1.0.el7_3
oval oval:com.redhat.rhsa:tst:20171100013
comment nss-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364014

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment nss-util is earlier than 0:3.28.4-1.el6_9
oval oval:com.redhat.rhsa:tst:20171100016
comment nss-util is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364016

AND

comment nss-util-devel is earlier than 0:3.28.4-1.el6_9
oval oval:com.redhat.rhsa:tst:20171100017
comment nss-util-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364018

AND
comment nss is earlier than 0:3.28.4-1.el6_9
oval oval:com.redhat.rhsa:tst:20171100018
comment nss is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364006
AND
comment nss-devel is earlier than 0:3.28.4-1.el6_9
oval oval:com.redhat.rhsa:tst:20171100019
comment nss-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364008

AND

comment nss-pkcs11-devel is earlier than 0:3.28.4-1.el6_9
oval oval:com.redhat.rhsa:tst:20171100020
comment nss-pkcs11-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364010

AND
comment nss-sysinit is earlier than 0:3.28.4-1.el6_9
oval oval:com.redhat.rhsa:tst:20171100021
comment nss-sysinit is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364012
AND
comment nss-tools is earlier than 0:3.28.4-1.el6_9
oval oval:com.redhat.rhsa:tst:20171100022
comment nss-tools is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhba:tst:20150364014

rhsa

id	RHSA-2017:1100
released	2017-04-20
severity	Critical
title	RHSA-2017:1100: nss and nss-util security update (Critical)

bugzilla

id	1440080
title	CVE-2017-5461 nss: Write beyond bounds caused by bugs in Base64 de/encoding in nssb64d.c and nssb64e.c (MFSA 2017-10)

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment nss is earlier than 0:3.21.4-1.el5_11
oval oval:com.redhat.rhsa:tst:20171101001
comment nss is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925006
AND
comment nss-devel is earlier than 0:3.21.4-1.el5_11
oval oval:com.redhat.rhsa:tst:20171101003
comment nss-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925008

AND

comment nss-pkcs11-devel is earlier than 0:3.21.4-1.el5_11
oval oval:com.redhat.rhsa:tst:20171101005
comment nss-pkcs11-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925010

AND
comment nss-tools is earlier than 0:3.21.4-1.el5_11
oval oval:com.redhat.rhsa:tst:20171101007
comment nss-tools is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhba:tst:20150925012

rhsa

id	RHSA-2017:1101
released	2017-04-20
severity	Critical
title	RHSA-2017:1101: nss security update (Critical)

rhsa
id RHSA-2017:1102
rhsa
id RHSA-2017:1103

rpms

nss-0:3.28.4-1.0.el7_3
nss-0:3.28.4-1.el6_9
nss-debuginfo-0:3.28.4-1.0.el7_3
nss-debuginfo-0:3.28.4-1.el6_9
nss-devel-0:3.28.4-1.0.el7_3
nss-devel-0:3.28.4-1.el6_9
nss-pkcs11-devel-0:3.28.4-1.0.el7_3
nss-pkcs11-devel-0:3.28.4-1.el6_9
nss-sysinit-0:3.28.4-1.0.el7_3
nss-sysinit-0:3.28.4-1.el6_9
nss-tools-0:3.28.4-1.0.el7_3
nss-tools-0:3.28.4-1.el6_9
nss-util-0:3.28.4-1.0.el7_3
nss-util-0:3.28.4-1.el6_9
nss-util-debuginfo-0:3.28.4-1.0.el7_3
nss-util-debuginfo-0:3.28.4-1.el6_9
nss-util-devel-0:3.28.4-1.0.el7_3
nss-util-devel-0:3.28.4-1.el6_9
nss-0:3.21.4-1.el5_11
nss-debuginfo-0:3.21.4-1.el5_11
nss-devel-0:3.21.4-1.el5_11
nss-pkcs11-devel-0:3.21.4-1.el5_11
nss-tools-0:3.21.4-1.el5_11
nss-util-0:3.13.1-11.el6_2
nss-util-0:3.14.3-9.el6_4
nss-util-0:3.16.1-5.el6_5
nss-util-0:3.19.1-4.el6_6
nss-util-0:3.21.4-1.el6_7
nss-util-0:3.21.4-1.el7_2
nss-util-debuginfo-0:3.13.1-11.el6_2
nss-util-debuginfo-0:3.14.3-9.el6_4
nss-util-debuginfo-0:3.16.1-5.el6_5
nss-util-debuginfo-0:3.19.1-4.el6_6
nss-util-debuginfo-0:3.21.4-1.el6_7
nss-util-debuginfo-0:3.21.4-1.el7_2
nss-util-devel-0:3.13.1-11.el6_2
nss-util-devel-0:3.14.3-9.el6_4
nss-util-devel-0:3.16.1-5.el6_5
nss-util-devel-0:3.19.1-4.el6_6
nss-util-devel-0:3.21.4-1.el6_7
nss-util-devel-0:3.21.4-1.el7_2
nss-0:3.14.3-11.el5_9
nss-debuginfo-0:3.14.3-11.el5_9
nss-devel-0:3.14.3-11.el5_9
nss-pkcs11-devel-0:3.14.3-11.el5_9
nss-tools-0:3.14.3-11.el5_9

refmap via4

bid	98050
confirm	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html https://bugzilla.mozilla.org/show_bug.cgi?id=1344380 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.4_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.28.4_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.29.5_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30.1_release_notes https://www.mozilla.org/en-US/security/advisories/mfsa2017-10/#CVE-2017-5461 https://www.mozilla.org/en-US/security/advisories/mfsa2017-11/#CVE-2017-5461 https://www.mozilla.org/en-US/security/advisories/mfsa2017-12/#CVE-2017-5461 https://www.mozilla.org/en-US/security/advisories/mfsa2017-13/#CVE-2017-5461
debian	DSA-3831 DSA-3872
gentoo	GLSA-201705-04
sectrack	1038320

Last major update

20-07-2021 - 23:15

Published

11-05-2017 - 01:29

Last modified

20-07-2021 - 23:15