CVE-2013-1739
CVE-2013-1739
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00014.htmlhttp://lists.opensuse.org/opensuse-updates/2013-10/msg00013.htmlhttp://lists.opensuse.org/opensuse-updates/2013-10/msg00016.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1791.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1829.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=894370https://bugzilla.redhat.com/show_bug.cgi?id=1012656https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_noteshttp://seclists.org/fulldisclosure/2014/Dec/23http://security.gentoo.org/glsa/glsa-201406-19.xmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19254