Mozilla.NSS.Regexp.Handling.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a buffer overflow vulnerability in Mozilla Network Security Services, a library of functionality used by applications such as Mozilla FireFox, Mozilla Thunderbird and others.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted X.509 certificate. It allows a remote attacker to execute arbitrary code.

affected-products-logoAffected Products

Network Security Services (NSS) 3.12.2 and previous versions

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to Network Security Services (NSS) version 3.12.3:

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-10-12 16.941 Name:Mozilla.
Network.
Security.
Services.
Regexp.
Buffer.
Overflow:Mozilla.
NSS.
Regexp.
Handling.
Buffer.
Overflow