Mozilla Thunderbird CVE-2016-1950 Buffer Overflow Vulnerability

description-logoDescription

Security researcher Francis Gabriel of Quarkslab reported a heap-based buffer overflow in the way the Network Security Services (NSS) libraries parsed certain ASN.1 structures. An attacker could create a specially-crafted certificate which, when parsed by NSS, would cause it to crash or execute arbitrary code with the permissions of the user.

affected-products-logoAffected Applications

Thunderbird

CVE References

CVE-2016-1950