Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors. (CVE-2016-2834)
Impact
BIG-IP
Remote attackers may be able to impact processes. Though Network Security Services (NSS) is not used by the Traffic Management Microkernel (TMM) or other data-plane components, it is available in the base system and is used by SNMP and sflow. In addition, NSS is available to other control-plane components, such as monitors and utilities available through the Advanced Shell (bash).
iWorkflow, BIG-IQ, and Enterprise Manager
These systems are not vulnerable in a default configuration because they do not link with the standard NSS libraries. However, base system components may be impacted, though the attack vectors are unknown.
CPE | Name | Operator | Version |
---|---|---|---|
big-ip afm | eq | 11.4.0 | |
big-ip afm | eq | 11.4.1 | |
big-ip afm | eq | 11.5.0 | |
big-ip afm | eq | 11.5.1 | |
big-ip afm | eq | 11.5.2 | |
big-ip afm | eq | 11.5.3 | |
big-ip afm | eq | 11.5.4 | |
big-ip afm | eq | 11.5.5 | |
big-ip afm | eq | 11.5.6 | |
big-ip afm | eq | 11.5.7 |