Mozilla.NSS.Regexp.Handling.Buffer.Overflow
Description
This indicates an attack attempt against a buffer overflow vulnerability in Mozilla Network Security Services, a library of functionality used by applications such as Mozilla FireFox, Mozilla Thunderbird and others.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted X.509 certificate. It allows a remote attacker to execute arbitrary code.
Affected Products
Network Security Services (NSS) 3.12.2 and previous versions
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Upgrade to Network Security Services (NSS) version 3.12.3:
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-10-12 | 16.941 | Name:Mozilla. Network. Security. Services. Regexp. Buffer. Overflow:Mozilla. NSS. Regexp. Handling. Buffer. Overflow |