Oval Definition:oval:org.mitre.oval:def:23800
Revision Date:2014-05-26Version:15
Title:ELSA-2012:1091: nss, nspr, and nss-util security, bug fix, and enhancement update (Moderate)
Description:The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2012-0441
ELSA-2012:1091-01
Platform(s):Oracle Linux 6
Product(s):nspr
nss
nss-util
Definition Synopsis
  • Oracle Linux 6.x
  • AND rpm test
  • nss-util is earlier than 0:3.13.5-1.el6_3
  • OR nss-util-devel is earlier than 0:3.13.5-1.el6_3
  • OR nss-pkcs11-devel is earlier than 0:3.13.5-1.el6_3
  • OR nss-tools is earlier than 0:3.13.5-1.el6_3
  • OR nss-sysinit is earlier than 0:3.13.5-1.el6_3
  • OR nss is earlier than 0:3.13.5-1.el6_3
  • OR nss-devel is earlier than 0:3.13.5-1.el6_3
  • OR nspr is earlier than 0:4.9.1-2.el6_3
  • OR nspr-devel is earlier than 0:4.9.1-2.el6_3
    • BACK