CVE-2013-1741

CWE-18915 documents9 sources
Severity
7.5HIGH
EPSS
2.6%
top 14.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Network Security Services
Timeline
PublishedNov 18
Latest updateMay 14

Description

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmozilla/network_security_services3.15, 3.15.1, 3.15.2+2
Debiannss< 2:3.15.3-1+3

🔴Vulnerability Details

3
GHSA
GHSA-9953-888v-2xw2: Integer overflow in Mozilla Network Security Services (NSS) 32022-05-14
OSV
CVE-2013-1741: Integer overflow in Mozilla Network Security Services (NSS) 32013-11-18
CVEList
CVE-2013-1741: Integer overflow in Mozilla Network Security Services (NSS) 32013-11-16

📋Vendor Advisories

8
Ubuntu
Thunderbird vulnerabilities2013-11-21
Ubuntu
Firefox vulnerabilities2013-11-20
Red Hat
nss: Integer truncation in certificate parsing (MFSA 2013-103)2013-11-19
Red Hat
nspr: Avoid unsigned integer wrapping in PL_ArenaAllocate (MFSA 2013-103)2013-11-19
Ubuntu
NSS vulnerabilities2013-11-18

💬Community

3
Bugzilla
CVE-2013-5605 CVE-2013-5606 CVE-2013-1741 nss: various flaws [fedora-all]2013-11-19
Bugzilla
CVE-2013-1741 nss: Integer truncation in certificate parsing (MFSA 2013-103)2013-11-18
Bugzilla
CVE-2013-5607 nspr: Avoid unsigned integer wrapping in PL_ArenaAllocate (MFSA 2013-103)2013-11-18
CVE-2013-1741 (HIGH CVSS 7.5) | Integer overflow in Mozilla Network | cvebase.io