← Back

CVE-2017-5461

nvd nist
Published: May 11, 2017Modified: May 13, 2026

JSON object

Loading...
9.8
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.

Affected (4)

Mozilla
1 product
Network Security Services
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Mozilla
Network Security Services
Before 3.21.4
Network Security Services
After 3.22 to 3.28.4
Network Security Services
From 3.29 to 3.29.5
Network Security Services
From 3.30 to 3.30.1

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (42)

Source: security@mozilla.org
Patch
Source: security@mozilla.org
Patch
Source: security@mozilla.org
Patch
Source: security@mozilla.org
Patch
Source: security@mozilla.org
Third Party AdvisoryVDB Entry
Source: security@mozilla.org
Third Party AdvisoryVDB Entry
Source: security@mozilla.org
Patch
Source: security@mozilla.org
Patch
Source: security@mozilla.org
Patch
Source: security@mozilla.org
Patch
Source: security@mozilla.org
Issue TrackingPermissions Required
Source: security@mozilla.org
Release NotesVendor Advisory
Source: security@mozilla.org
Release NotesVendor Advisory
Source: security@mozilla.org
Release NotesVendor Advisory
Source: security@mozilla.org
Release NotesVendor Advisory
Source: security@mozilla.org
Third Party Advisory
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Vendor Advisory
Source: security@mozilla.org
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPermissions Required
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.