Gentoo Linux: CVE-2013-5606: Mozilla Network Security Service: Multiple vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
6 | (AV:N/AC:M/Au:N/C:P/I:P/A:N) | November 18, 2013 | October 30, 2017 | October 30, 2017 |
Description
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
Solution
gentoo-linux-upgrade-dev-libs-nssRelated Vulnerabilities
- ELSA-2013-1829 Important: Oracle Linux nss, nspr, and nss-util security update
- Alpine Linux: CVE-2013-5606: nss and RC4 multiple vulnerabilities
- Amazon Linux AMI: Security patch for nspr (ALAS-2013-266) (multiple CVEs)
- RHSA-2014:0041: rhev-hypervisor6 security update
- Sun Patch: NSS_NSPR_JSS 3.35 Solaris: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Mainte
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- DSA-2994-1 nss -- security update
- MFSA2013-103 Thunderbird: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5606)
- MFSA2013-103 Firefox: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5606)
- Sun Patch: NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2
- ELSA-2013-1791 Important: Oracle Linux nss and nspr security, bug fix, and enhancement update
- Amazon Linux AMI: Security patch for nss (ALAS-2013-265) (multiple CVEs)
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- ELSA-2014-1948 Important: Oracle Linux nss, nss-util, and nss-softokn security, bug fix, and enhancement update
- SUSE Linux Security Vulnerability: CVE-2013-5606
- USN-2030-1: NSS vulnerabilities
- Sun Patch: NSS_NSPR_JSS 3.35_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- RHSA-2013:1829: nss, nspr, and nss-util security update
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- Sun Patch: NSS_NSPR_JSS 3.35 Solaris_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Ma
- MFSA2013-103 SeaMonkey: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5606)
- RHSA-2013:1791: nss and nspr security, bug fix, and enhancement update