Oval Definition:	oval:com.ubuntu.xenial:def:2019117450000000
Revision Date: 2020-01-08 Version: 1 Title: CVE-2019-11745 on Ubuntu 16.04 LTS (xenial) - medium. Description: When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-11745 Platform(s): Ubuntu 16.04 LTS Product(s): Definition Synopsis Ubuntu 16.04 LTS (xenial) is installed. AND Package Information firefox package in xenial was vulnerable but has been fixed (note: '71.0+build5-0ubuntu0.16.04.1'). OR nss package in xenial was vulnerable but has been fixed (note: '2:3.28.4-0ubuntu0.16.04.8'). OR thunderbird package in xenial is affected and needs fixing.
BACK