Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2016-5285
HistoryNov 15, 2019 - 4:15 p.m.

CVE-2016-5285

2019-11-1516:15:10
CWE-476
[email protected]
web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.025 Low

EPSS

Percentile

90.2%

JSON

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

Affected configurations

NVD
Node
mozillanssRange<3.26
Node
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
OR
debiandebian_linuxMatch10.0
Node
redhatenterprise_linuxMatch5.0
OR
redhatenterprise_linuxMatch6.0
OR
redhatenterprise_linuxMatch7.0
Node
suselinux_enterprise_serverMatch11sp2ltss
Node
avayaaura_application_enablement_servicesRange6.1โ€“6.3.3
OR
avayaaura_application_enablement_servicesMatch7.0
OR
avayaaura_application_server_5300Match3.0-
OR
avayaaura_application_server_5300Match3.0sp1
OR
avayaaura_application_server_5300Match3.0sp10
OR
avayaaura_application_server_5300Match3.0sp10.1
OR
avayaaura_application_server_5300Match3.0sp11
OR
avayaaura_application_server_5300Match3.0sp11.1
OR
avayaaura_application_server_5300Match3.0sp12
OR
avayaaura_application_server_5300Match3.0sp12.1
OR
avayaaura_application_server_5300Match3.0sp12.2
OR
avayaaura_application_server_5300Match3.0sp12.3
OR
avayaaura_application_server_5300Match3.0sp12.5
OR
avayaaura_application_server_5300Match3.0sp3
OR
avayaaura_application_server_5300Match3.0sp5
OR
avayaaura_application_server_5300Match3.0sp7
OR
avayaaura_communication_managerRange6.0โ€“6.3.117.0
OR
avayaaura_communication_managerMatch7.0-
OR
avayaaura_communication_managerMatch7.0sp
OR
avayaaura_communication_managerMatch7.0sp3
OR
avayaaura_communication_manager_messagintMatch7.0-
OR
avayaaura_communication_manager_messagintMatch7.0sp1
OR
avayabreeze_platformRange3.0โ€“3.2
OR
avayacall_management_systemRange18.0.0.1โ€“18.0.0.2
OR
avayacall_management_systemMatch17.0-
OR
avayacall_management_systemMatch17.0r3
OR
avayacall_management_systemMatch17.0r4
OR
avayacall_management_systemMatch17.0r5
OR
avayacall_management_systemMatch17.0r6
OR
avayaiqMatch5.2.x
Node
avayacs1000e_firmwareRange7.0โ€“7.6
AND
avayacs1000eMatch-
Node
avayacs1000m_firmwareRange7.0โ€“7.6
AND
avayacs1000mMatch-
Node
avayacs1000e\/cs1000m_signaling_server_firmwareRange7.0โ€“7.6
AND
avayacs1000e\/cs1000m_signaling_serverMatch-
Node
avayaaura_conferencingMatch7.0
OR
avayaaura_conferencingMatch7.2
OR
avayaaura_conferencingMatch8.0-
OR
avayaaura_conferencingMatch8.0sp2
OR
avayaaura_conferencingMatch8.0sp4
OR
avayaaura_conferencingMatch8.0sp5
OR
avayaaura_conferencingMatch8.0sp7
OR
avayaaura_conferencingMatch8.0sp8
OR
avayaaura_conferencingMatch8.0sp9
OR
avayaaura_experience_portalRange6.0โ€“7.1
Node
avayaip_officeMatch8.1
OR
avayaip_officeMatch9.1-
OR
avayaip_officeMatch9.1sp1
OR
avayaip_officeMatch9.1sp10
OR
avayaip_officeMatch9.1sp11
OR
avayaip_officeMatch9.1sp12
OR
avayaip_officeMatch9.1sp3
OR
avayaip_officeMatch9.1sp4
OR
avayaip_officeMatch9.1sp5
OR
avayaip_officeMatch9.1sp6
OR
avayaip_officeMatch9.1sp7
OR
avayaip_officeMatch9.1sp8
OR
avayaip_officeMatch9.1sp9
OR
avayaip_officeMatch10.0-
OR
avayaip_officeMatch10.0sp1
OR
avayaip_officeMatch10.0sp2
OR
avayaip_officeMatch10.0sp3
OR
avayaip_officeMatch10.0sp4
OR
avayaip_officeMatch10.0sp5
OR
avayaip_officeMatch10.0sp6
OR
avayaip_officeMatch10.0sp7
Node
avayaaura_messagingMatch6.3
OR
avayaaura_messagingMatch6.3.3-
OR
avayaaura_messagingMatch6.3.3sp4
OR
avayaaura_messagingMatch6.3.3sp5
OR
avayaaura_messagingMatch6.3.3sp6
OR
avayaaura_session_managerRange6.3โ€“6.3.18
OR
avayaaura_session_managerMatch7.0-
OR
avayaaura_session_managerMatch7.0sp1
OR
avayaaura_session_managerMatch7.0sp2
OR
avayaaura_session_managerMatch7.0.1-
OR
avayaaura_session_managerMatch7.0.1sp1
OR
avayaaura_session_managerMatch7.0.1sp2
OR
avayaaura_system_managerRange6.3โ€“6.3.18
OR
avayaaura_system_managerRange7.0โ€“7.0.1.3
OR
avayaaura_utility_servicesRange6.3โ€“6.3.14
OR
avayaaura_utility_servicesRange7.0โ€“7.0.1.2
OR
avayameeting_exchangeMatch6.2-
OR
avayameeting_exchangeMatch6.2sp3
OR
avayamessage_networkingRange5.2โ€“6.3
OR
avayaone-x_client_enablement_servicesMatch6.2-
OR
avayaone-x_client_enablement_servicesMatch6.2sp1
OR
avayaone-x_client_enablement_servicesMatch6.2sp2
OR
avayaone-x_client_enablement_servicesMatch6.2sp5
OR
avayaproactive_contactRange5.0โ€“5.1.2
Node
avayasession_border_controller_for_enterprise_firmwareRange6.2โ€“6.3
OR
avayasession_border_controller_for_enterprise_firmwareRange7.0โ€“7.1
AND
avayasession_border_controller_for_enterpriseMatch-
Node
avayaaura_system_platform_firmwareRange6.3โ€“6.4.0
AND
avayaaura_system_platformMatch-

Related

redhatcve 1
ubuntucve 1
prion 1
veracode 1
cvelist 1
cve 1
debiancve 1
redhat 1
openvas 9
nessus 11
ibm 11
symantec 1
ubuntu 1
centos 1
amazon 1
oraclelinux 1
gentoo 1
suse 3
oracle 1
redhatcve
redhatcve
CVE-2016-5285
2016-11-16 03:47:19
ubuntucve
ubuntucve
CVE-2016-5285
2016-11-16 00:00:00
prion
prion
Null pointer dereference
2019-11-15 16:15:00
veracode
veracode
Null Pointer Dereference
2019-05-02 06:02:29
cvelist
cvelist
CVE-2016-5285
2019-11-15 15:44:05
cve
cve
CVE-2016-5285
2019-11-15 16:15:10
debiancve
debiancve
CVE-2016-5285
2019-11-15 16:15:10
redhat
redhat
(RHSA-2016:2779) Moderate: nss and nss-util security update
2016-11-16 00:00:00
openvas
openvas
CentOS Update for nss-util CESA-2016:2779 centos6
2016-11-20 00:00:00
Huawei EulerOS: Security Advisory for nss, nss-util (EulerOS-SA-2016-1084)
2020-01-23 00:00:00
RedHat Update for nss and nss-util RHSA-2016:2779-01
2016-11-16 00:00:00
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : NSS vulnerabilities (USN-3163-1)
2017-01-05 00:00:00
Oracle Linux 5 / 6 / 7 : nss / nss-util (ELSA-2016-2779)
2016-11-17 00:00:00
CentOS 5 / 6 / 7 : nss / nss-util (CESA-2016:2779)
2016-11-21 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Mozilla Network Security Services (NSS) affect IBM MQ Appliance (CVE-2016-2834, CVE-2016-5285, CVE-2016-8635)
2018-06-15 07:06:54
Security Bulletin: Vulnerabilities in Mozilla NSS affect the IBM FlashSystem model V840
2018-06-18 00:32:47
Security Bulletin: Vulnerabilities in Mozilla Network Security Services (NSS) affect PowerKVM
2018-06-18 01:34:46
symantec
symantec
SA137 : NSS Vulnerabilities
2016-12-20 08:00:00
ubuntu
ubuntu
NSS vulnerabilities
2017-01-04 00:00:00
centos
centos
nss security update
2016-11-19 11:17:02
amazon
amazon
Medium: nss-util, nss, nss-softokn
2016-12-15 00:32:00
oraclelinux
oraclelinux
nss and nss-util security update
2016-11-16 00:00:00
gentoo
gentoo
Mozilla Network Security Service (NSS): Multiple vulnerabilities
2017-01-19 00:00:00
suse
suse
Security update for MozillaFirefox, mozilla-nss (important)
2016-12-05 21:07:10
Security update for MozillaFirefox, mozilla-nss (important)
2016-12-10 23:09:49
Security update for MozillaFirefox, mozilla-nss (important)
2016-12-13 13:07:50
oracle
oracle
Oracle Critical Patch Update - October 2017
2017-10-17 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.025 Low

EPSS

Percentile

90.2%

JSON
Related for NVD:CVE-2016-5285
redhatcve1ubuntucve1prion1veracode1cvelist1cve1debiancve1redhat1openvas9nessus11ibm11symantec1ubuntu1centos1amazon1oraclelinux1gentoo1suse3oracle1