TLS Vulnerability in Mozilla Network Security Services
CVE-2013-1620

Currently unrated

Key Information:

Vendor

Mozilla
Status
Network Security Services
Vendor
CVE Published:
8 February 2013

What is CVE-2013-1620?

A vulnerability in the TLS implementation of Mozilla's Network Security Services (NSS) has been identified, which fails to adequately protect against timing side-channel attacks during the processing of malformed CBC padding. This flaw allows attackers to conduct distinguishing attacks and recover plaintext through statistical analysis of timing data from specially crafted packets. The weakness is closely related to other documented vulnerabilities and may present significant security risks to affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.oracle.com/technetwork/topics/security/ovmbull...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/57777
vdb-entryx_refsource_BID
http://www.vmware.com/security/advisories/VMSA-2014-0012....
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.