CVE-2019-11745: When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur…

high8.8CVSS 3.1

AVNACLPRNUIRSUCHIHAH

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Affected

27 ranges· showing 25

Vendor	Product	Version range	Fixed in
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	nss	< nss 2:3.47.1-1 (bookworm)	nss 2:3.47.1-1 (bookworm)
mozilla	firefox	< 71.0	71.0
mozilla	firefox	—	—
mozilla	firefox_esr	< 68.3	68.3
mozilla	firefox_esr	—	—
mozilla	nss	>= 0 < 2:3.47.1-1	2:3.47.1-1
mozilla	nss	>= 0 < 2:3.47.1-1	2:3.47.1-1
mozilla	nss	>= 0 < 2:3.47.1-1	2:3.47.1-1
mozilla	nss	>= 0 < 2:3.47.1-1	2:3.47.1-1
mozilla	thunderbird	< 68.3.0	68.3.0
mozilla	thunderbird	—	—
mozilla	thunderbird	>= 0 < 1:68.7.0+build1-0ubuntu0.16.04.2	1:68.7.0+build1-0ubuntu0.16.04.2
mozilla	thunderbird	>= 0 < 1:68.4.1+build1-0ubuntu0.18.04.1	1:68.4.1+build1-0ubuntu0.18.04.1
opensuse	leap	—	—
redhat	enterprise_linux_server_aus	—	—
siemens	ruggedcom_rox_mx5000_firmware	< 2.14.0	2.14.0
siemens	ruggedcom_rox_rx1400_firmware	< 2.14.0	2.14.0
siemens	ruggedcom_rox_rx1500_firmware	< 2.14.0	2.14.0
siemens	ruggedcom_rox_rx1501_firmware	< 2.14.0	2.14.0
siemens	ruggedcom_rox_rx1510_firmware	< 2.14.0	2.14.0
siemens	ruggedcom_rox_rx1511_firmware	< 2.14.0	2.14.0

CVSS provenance

nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

osv8.8HIGH