CVE-2016-2834

9 documents8 sources

Severity

8.8HIGH

EPSS

0.4%

top 39.36%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Mozilla Network Security Services Canonical Ubuntu Linux +5 more

Timeline

PublishedJun 13

Latest updateMay 14

Description

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages8 packages

▶NVDmozilla/network_security_services3.22

▶NVDmozilla/firefox46.0.1

▶Debiannss< 2:3.23-1+3

▶NVDopensuse/leap42.1

▶NVDopensuse/opensuse13.1, 13.2+1

Also affects: Ubuntu Linux 12.04, 14.04, 15.10, 16.04

🔴Vulnerability Details

GHSA

GHSA-x44r-c6cw-9c9w: Mozilla Network Security Services (NSS) before 3↗2022-05-14

▶

OSV

CVE-2016-2834: Mozilla Network Security Services (NSS) before 3↗2016-06-13

▶

CVEList

CVE-2016-2834: Mozilla Network Security Services (NSS) before 3↗2016-06-13

▶

📋Vendor Advisories

Ubuntu

NSS vulnerability↗2016-07-11

▶

Ubuntu

Firefox vulnerabilities↗2016-06-09

▶

Red Hat

nss: Multiple security flaws (MFSA 2016-61)↗2016-06-07

▶

Debian

CVE-2016-2834: firefox - Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox ...↗2016

▶

💬Community

Bugzilla

CVE-2016-2834 nss: Multiple security flaws (MFSA 2016-61)↗2016-06-18

▶