vulnerability

F5: CVE-2016-1950: K91100352: Mozilla NSS vulnerability CVE-2016-1950

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Apr 13, 2016

Added

Jun 17, 2026

Modified

Jun 17, 2026

Description

Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.

Solution

f5-bigip-upgrade-latest

References

CVE-2016-1950
https://attackerkb.com/topics/CVE-2016-1950
https://my.f5.com/manage/s/article/K91100352
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-3039
CWE-119
EUVD-EUVD-2016-3039

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report