mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
362 lines
13 KiB
JSON
362 lines
13 KiB
JSON
{
|
|
"id": "CVE-2013-1739",
|
|
"sourceIdentifier": "security@mozilla.org",
|
|
"published": "2013-10-22T22:55:04.237",
|
|
"lastModified": "2024-11-21T01:50:17.740",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Mozilla Network Security Services (NSS) en versiones anteriores a 3.15.2 no asegura que las estructuras de datos est\u00e9n inicializadas antes de las operaciones de lectura, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado a trav\u00e9s de vectores que desencadenan un fallo de descifrado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
|
|
"baseScore": 5.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "PARTIAL"
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-noinfo"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.15.1",
|
|
"matchCriteriaId": "D6943F8E-784B-4CCD-82E3-B5A439C43C07"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E62D1D1B-985D-440B-AD23-3F16AEC8DA45"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "54B8C2DA-E663-437B-83DA-5521AF002C8F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "94C2A7CF-71DB-431C-8F13-E6F46961F68D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "000A1698-C9DE-49A1-9F5D-FDED34A134E8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "601788BD-8B31-417F-AE7D-BE8E4107C1EA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "06A99645-6A81-40C3-B46F-3D1ABF00EF00"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EBCB20B-A367-485F-9115-04EABBE69C5A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0E38E21D-23A9-4D0D-B45B-AF019CD448F2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "33955B7C-ABA0-49E3-BEF8-AD29FD31DA5C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "42C5B25D-E039-427D-8655-FD6BB9302793"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C6E3FD4C-57C7-49CC-B970-18FE767A5ABD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DDE6B5A1-2E92-427A-810F-0139632F4410"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "548E3AAC-3628-4CA4-98CF-7F3724F4355D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.12.11:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8E39AD87-3C6C-4B2F-AC3C-84FDBE184440"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.14:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "99EDA73B-F030-48C0-AAC1-7B8FF1D9E54E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.14.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C3720323-D3BD-4ACD-93B7-B1687E2B241B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.14.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E3AA512E-B2EA-4C73-91B9-14BD5776EE53"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.14.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B7D2D713-5A78-4D78-BF0B-2BC1A621D4C0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:mozilla:network_security_services:3.15:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B591920E-38ED-4046-AD08-E31464C61A18"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00014.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00013.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00016.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2013-1791.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2013-1829.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2014/Dec/23",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-201406-19.xml",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2013/dsa-2790",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-93.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/62966",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/USN-2030-1",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=894370",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1012656",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_notes",
|
|
"source": "security@mozilla.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19254",
|
|
"source": "security@mozilla.org"
|
|
},
|
|
{
|
|
"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00014.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00013.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00016.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2013-1791.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://rhn.redhat.com/errata/RHSA-2013-1829.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://seclists.org/fulldisclosure/2014/Dec/23",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-201406-19.xml",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2013/dsa-2790",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.mozilla.org/security/announce/2013/mfsa2013-93.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/62966",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/USN-2030-1",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=894370",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1012656",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://developer.mozilla.org/en-US/docs/NSS/NSS_3.15.2_release_notes",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19254",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |