CVE-2013-1739

Currently unrated

Key Information:

Vendor: Mozilla
Status: Network Security Services
Vendor: CVE Published:; 22 October 2013

Summary

Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.

References

http://www.oracle.com/technetwork/topics/security/ovmbull...

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1012656

x_refsource_CONFIRM

http://www.vmware.com/security/advisories/VMSA-2014-0012....

x_refsource_CONFIRM

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 22, 2013
Vulnerability Reserved
Feb 13, 2013