CVE-2017-5461
published 2017-05-11CVE-2017-5461: Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote…
critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.
Affected
23 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | firefox | < firefox 52.0.1-1 (sid) | firefox 52.0.1-1 (sid) |
| debian | firefox-esr | < firefox 52.0.1-1 (sid) | firefox 52.0.1-1 (sid) |
| debian | nss | < firefox 52.0.1-1 (sid) | firefox 52.0.1-1 (sid) |
| mozilla | firefox | >= 0 < 53.0.2+build1-0ubuntu0.14.04.2 | 53.0.2+build1-0ubuntu0.14.04.2 |
| mozilla | firefox | >= 0 < 53.0+build6-0ubuntu0.14.04.1 | 53.0+build6-0ubuntu0.14.04.1 |
| mozilla | firefox | >= 0 < 53.0.2+build1-0ubuntu0.16.04.2 | 53.0.2+build1-0ubuntu0.16.04.2 |
| mozilla | firefox | >= 0 < 53.0+build6-0ubuntu0.16.04.1 | 53.0+build6-0ubuntu0.16.04.1 |
| mozilla | firefox | >= unspecified < 53 | 53 |
| mozilla | firefox_esr | >= unspecified < 45.9 | 45.9 |
| mozilla | firefox_esr | >= unspecified < 52.1 | 52.1 |
| mozilla | network_security_services | < 3.21.4 | 3.21.4 |
| mozilla | network_security_services | < 3.28.4 | 3.28.4 |
| mozilla | network_security_services | >= 3.29 < 3.29.5 | 3.29.5 |
| mozilla | network_security_services | >= 3.30 < 3.30.1 | 3.30.1 |
| mozilla | nss | >= 0 < 2:3.26.2-1.1 | 2:3.26.2-1.1 |
| mozilla | nss | >= 0 < 2:3.26.2-1.1 | 2:3.26.2-1.1 |
| mozilla | nss | >= 0 < 2:3.26.2-1.1 | 2:3.26.2-1.1 |
| mozilla | nss | >= 0 < 2:3.26.2-1.1 | 2:3.26.2-1.1 |
| mozilla | nss | >= 0 < 2:3.28.4-0ubuntu0.14.04.1 | 2:3.28.4-0ubuntu0.14.04.1 |
| mozilla | nss | >= 0 < 2:3.28.4-0ubuntu0.16.04.1 | 2:3.28.4-0ubuntu0.16.04.1 |
| mozilla | thunderbird | >= 0 < 1:52.1.1+build1-0ubuntu0.14.04.1 | 1:52.1.1+build1-0ubuntu0.14.04.1 |
| mozilla | thunderbird | >= 0 < 1:52.1.1+build1-0ubuntu0.16.04.1 | 1:52.1.1+build1-0ubuntu0.16.04.1 |
| mozilla | thunderbird | >= unspecified < 52.1 | 52.1 |
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL