ALT-PU-2013-1148-1
Closed vulnerabilities
Published: 2013-11-18
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-1741
Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.
Severity: HIGH (7.5)
References:
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- APPLE-SA-2015-06-30-1
- APPLE-SA-2015-06-30-1
- APPLE-SA-2015-06-30-2
- APPLE-SA-2015-06-30-2
- SUSE-SU-2013:1807
- SUSE-SU-2013:1807
- openSUSE-SU-2013:1732
- openSUSE-SU-2013:1732
- RHSA-2013:1791
- RHSA-2013:1791
- RHSA-2013:1829
- RHSA-2013:1829
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- GLSA-201406-19
- GLSA-201406-19
- http://support.apple.com/kb/HT204941
- http://support.apple.com/kb/HT204941
- http://support.apple.com/kb/HT204942
- http://support.apple.com/kb/HT204942
- DSA-2994
- DSA-2994
- http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 63736
- 63736
- USN-2030-1
- USN-2030-1
- USN-2031-1
- USN-2031-1
- USN-2032-1
- USN-2032-1
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=925100
- https://bugzilla.mozilla.org/show_bug.cgi?id=925100
- https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
- https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
- GLSA-201504-01
- GLSA-201504-01
Published: 2013-11-18
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-5605
Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.
Severity: HIGH (7.5)
References:
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- SUSE-SU-2013:1807
- SUSE-SU-2013:1807
- openSUSE-SU-2013:1730
- openSUSE-SU-2013:1730
- openSUSE-SU-2013:1732
- openSUSE-SU-2013:1732
- RHSA-2013:1791
- RHSA-2013:1791
- RHSA-2013:1829
- RHSA-2013:1829
- RHSA-2013:1840
- RHSA-2013:1840
- RHSA-2013:1841
- RHSA-2013:1841
- RHSA-2014:0041
- RHSA-2014:0041
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- GLSA-201406-19
- GLSA-201406-19
- DSA-2800
- DSA-2800
- http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 63738
- 63738
- USN-2030-1
- USN-2030-1
- USN-2031-1
- USN-2031-1
- USN-2032-1
- USN-2032-1
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=934016
- https://bugzilla.mozilla.org/show_bug.cgi?id=934016
- https://developer.mozilla.org/docs/NSS/NSS_3.14.5_release_notes
- https://developer.mozilla.org/docs/NSS/NSS_3.14.5_release_notes
- https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
- https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
- GLSA-201504-01
- GLSA-201504-01
Published: 2013-11-18
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2013-5606
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate.
Severity: MEDIUM (5.8)
References:
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
- SUSE-SU-2013:1807
- SUSE-SU-2013:1807
- openSUSE-SU-2013:1732
- openSUSE-SU-2013:1732
- RHSA-2013:1791
- RHSA-2013:1791
- RHSA-2013:1829
- RHSA-2013:1829
- RHSA-2014:0041
- RHSA-2014:0041
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- GLSA-201406-19
- GLSA-201406-19
- DSA-2994
- DSA-2994
- http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
- http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
- 63737
- 63737
- USN-2030-1
- USN-2030-1
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=910438
- https://bugzilla.mozilla.org/show_bug.cgi?id=910438
- https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
- https://developer.mozilla.org/docs/NSS/NSS_3.15.3_release_notes
- GLSA-201504-01
- GLSA-201504-01