Lucene search

K

[email protected]CVE-2013-1741

HistoryNov 18, 2013 - 5:23 a.m.

CVE-2013-1741

2013-11-1805:23:57

CWE-189

[email protected]

web.nvd.nist.gov

59

cve-2013-1741

integer overflow

mozilla

nss

denial of service

remote attackers

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

94.9%

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.

Affected configurations

NVD

Node

mozillanetwork_security_servicesMatch3.15

OR

mozillanetwork_security_servicesMatch3.15.1

OR

mozillanetwork_security_servicesMatch3.15.2

CPENameOperatorVersion
mozilla:network_security_servicesmozilla network security serviceseq3.15
mozilla:network_security_servicesmozilla network security serviceseq3.15.1
mozilla:network_security_servicesmozilla network security serviceseq3.15.2

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10761

lists.apple.com/archives/security-announce/2015/Jun/msg00001.html

lists.apple.com/archives/security-announce/2015/Jun/msg00002.html

lists.opensuse.org/opensuse-security-announce/2013-12/msg00000.html

lists.opensuse.org/opensuse-updates/2013-11/msg00080.html

rhn.redhat.com/errata/RHSA-2013-1791.html

rhn.redhat.com/errata/RHSA-2013-1829.html

seclists.org/fulldisclosure/2014/Dec/23

security.gentoo.org/glsa/glsa-201406-19.xml

support.apple.com/kb/HT204941

support.apple.com/kb/HT204942

www.debian.org/security/2014/dsa-2994

www.mozilla.org/security/announce/2013/mfsa2013-103.html

www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

www.securityfocus.com/archive/1/534161/100/0/threaded

www.securityfocus.com/bid/63736

www.ubuntu.com/usn/USN-2030-1

www.ubuntu.com/usn/USN-2031-1

www.ubuntu.com/usn/USN-2032-1

www.vmware.com/security/advisories/VMSA-2014-0012.html

bugzilla.mozilla.org/show_bug.cgi?id=925100

developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes

security.gentoo.org/glsa/201504-01

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.3 Medium

AI Score

Confidence

High

0.101 Low

EPSS

Percentile

94.9%

Related for CVE-2013-1741

prion2 cvelist2 nvd2 debiancve2 ubuntucve2 cve1 nessus38 openvas73 fedora31 ubuntu3 osv2 suse1 debian2 oraclelinux3 mozilla1 mageia1 securityvulns8 amazon2 centos2 veracode3 redhat3 gentoo2 oracle4