ELSA-2013-1829 Important: Oracle Linux nss, nspr, and nss-util security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | November 20, 2013 | December 17, 2013 | April 11, 2019 |
Description
Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- APPLE-APPLE-SA-2015-06-30-1
- APPLE-APPLE-SA-2015-06-30-2
- BID-62966
- BID-63736
- BID-63737
- BID-63738
- BID-63802
- CVE-2013-1739
- CVE-2013-1741
- CVE-2013-5605
- CVE-2013-5606
- CVE-2013-5607
- DEBIAN-DSA-2790
- DEBIAN-DSA-2800
- DEBIAN-DSA-2820
- DEBIAN-DSA-2994
- DISA_SEVERITY-Category I
- IAVM-2016-A-0293
- OVAL-OVAL19254
- REDHAT-RHSA-2013:1791
- REDHAT-RHSA-2013:1829
- REDHAT-RHSA-2013:1840
- REDHAT-RHSA-2013:1841
- REDHAT-RHSA-2014:0041
- URL: http://oss.oracle.com/pipermail/el-errata/2013-December/003875.html
Solution
oracle-linux-upgrade-nsprRelated Vulnerabilities
- MFSA2013-103 SeaMonkey: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5605)
- Alpine Linux: CVE-2013-5605: nss and RC4 multiple vulnerabilities
- Gentoo Linux: CVE-2013-1739: Mozilla Network Security Service: Multiple vulnerabilities
- USN-2032-1: Thunderbird vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2013-5607
- Gentoo Linux: CVE-2013-5606: Mozilla Network Security Service: Multiple vulnerabilities
- Alpine Linux: CVE-2013-5606: nss and RC4 multiple vulnerabilities
- Cent OS: CVE-2013-5605: CESA-2013:1829 (nspr, nss, nss-util)
- RHSA-2013:1841: nss security update
- MFSA2013-103 Firefox: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5607)
- Amazon Linux AMI: Security patch for nspr (ALAS-2013-266) (multiple CVEs)
- USN-2031-1: Firefox vulnerabilities
- RHSA-2014:0041: rhev-hypervisor6 security update
- MFSA2013-103 Thunderbird: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-1741)
- MFSA2013-93 Thunderbird: Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10) (CVE-2013-1739)
- Sun Patch: NSS_NSPR_JSS 3.35 Solaris: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Mainte
- MFSA2013-103 Thunderbird: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5607)
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- Alpine Linux: CVE-2013-5607: CVE-2013-5607 nspr
- DSA-2820-1 nspr -- integer overflow
- DSA-2994-1 nss -- security update
- SUSE Linux Security Vulnerability: CVE-2013-5605
- OS X update for Security (CVE-2013-1741)
- MFSA2013-103 Thunderbird: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5606)
- Gentoo Linux: CVE-2013-1741: Mozilla Network Security Service: Multiple vulnerabilities
- USN-2087-1: NSPR vulnerability
- MFSA2013-103 Firefox: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5606)
- Sun Patch: NSS_NSPR_JSS 3.30.2_x86: NSPR 4.15 / NSS 3.30.2 / JSS 4.3.2
- MFSA2013-103 Firefox: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-1741)
- MFSA2013-93 Firefox: Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10) (CVE-2013-1739)
- ELSA-2013-1791 Important: Oracle Linux nss and nspr security, bug fix, and enhancement update
- Amazon Linux AMI: Security patch for nss (ALAS-2013-265) (multiple CVEs)
- RHSA-2013:1840: nss security update
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- DSA-2800-1 nss -- buffer overflow
- MFSA2013-103 Firefox: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5605)
- SUSE Linux Security Vulnerability: CVE-2013-1741
- ELSA-2014-1948 Important: Oracle Linux nss, nss-util, and nss-softokn security, bug fix, and enhancement update
- FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs)
- OS X update for Admin Framework (CVE-2013-1741)
- MFSA2013-103 SeaMonkey: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5607)
- DSA-2790-1 nss -- uninitialized memory read
- USN-2010-1: Thunderbird vulnerabilities
- SUSE Linux Security Vulnerability: CVE-2013-5606
- USN-2030-1: NSS vulnerabilities
- Sun Patch: NSS_NSPR_JSS 3.35_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- RHSA-2013:1829: nss, nspr, and nss-util security update
- USN-2009-1: Firefox vulnerabilities
- Sun Patch: NSS_NSPR_JSS 3.35: NSPR 4.18 / NSS 3.35 / JSS 4.3.2
- MFSA2013-103 Thunderbird: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5605)
- Sun Patch: NSS_NSPR_JSS 3.35 Solaris_x86: NSPR 4.18 / NSS 3.35 / JSS 4.3.2 Ma
- MFSA2013-93 SeaMonkey: Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10) (CVE-2013-1739)
- Gentoo Linux: CVE-2013-5607: Mozilla Network Security Service: Multiple vulnerabilities
- MFSA2013-103 SeaMonkey: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-5606)
- RHSA-2013:1791: nss and nspr security, bug fix, and enhancement update
- Gentoo Linux: CVE-2013-5605: Mozilla Network Security Service: Multiple vulnerabilities
- Alpine Linux: CVE-2013-1739: CVE-2013-1739 nss
- MFSA2013-103 SeaMonkey: Miscellaneous Network Security Services (NSS) vulnerabilities (CVE-2013-1741)
- Alpine Linux: CVE-2013-1741: CVE-2013-1741 nss
- SUSE Linux Security Vulnerability: CVE-2013-1739