Mozilla.NSS.SSLv2.Server.Stack.Overflow
Description
This indicates a possible exploit of a buffer-overflow vulnerability in the SSLv2 support in Mozilla Network Security Services (NSS).
The vulnerability is caused by the software's inability to handle invalid parameters. A remote attacker may exploit this to execute arbitrary code.
Affected Products
Mozilla Firefox versions prior to 2.0.0.2
Mozilla Firefox versions prior to 1.5.0.10
Mozilla SeaMonkey versions prior to 1.0.8
Network Security Services (NSS) versions prior to 3.11.5
Impact
System compromise: Remote code execution.
Recommended Actions
Upgrade to Mozilla Firefox version 2.0.0.2 or 1.5.0.10 :
http://www.mozilla.com/firefox/
Upgrade to Mozilla SeaMonkey version 1.0.8 :
http://www.mozilla.org/projects/seamonkey/
Upgrade to Network Security Services (NSS) version 3.11.5 :
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |