{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-01-26T00:00:00", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bto.bluecoat.com/security-advisory/sa124"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"}, {"name": "DSA-3688", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3688"}, {"name": "RHSA-2016:0684", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0684.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-15.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"}, {"name": "SUSE-SU-2016:0820", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"}, {"name": "RHSA-2016:0685", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0685.html"}, {"name": "SUSE-SU-2016:0727", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"}, {"name": "84275", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/84275"}, {"tags": ["x_refsource_MISC"], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes"}, {"name": "USN-2973-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2973-1"}, {"name": "RHSA-2016:0591", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0591.html"}, {"name": "SUSE-SU-2016:0909", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"}, {"name": "1035258", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035258"}, {"name": "91787", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/91787"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1209546"}, {"name": "SUSE-SU-2016:0777", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"}, {"name": "GLSA-201605-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201605-06"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2016-1978", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bto.bluecoat.com/security-advisory/sa124", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa124"}, {"name": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"}, {"name": "DSA-3688", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3688"}, {"name": "RHSA-2016:0684", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0684.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"name": "http://www.mozilla.org/security/announce/2016/mfsa2016-15.html", "refsource": "CONFIRM", "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-15.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"}, {"name": "SUSE-SU-2016:0820", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"}, {"name": "RHSA-2016:0685", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0685.html"}, {"name": "SUSE-SU-2016:0727", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"}, {"name": "84275", "refsource": "BID", "url": "http://www.securityfocus.com/bid/84275"}, {"name": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes", "refsource": "MISC", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes"}, {"name": "USN-2973-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2973-1"}, {"name": "RHSA-2016:0591", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0591.html"}, {"name": "SUSE-SU-2016:0909", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"}, {"name": "1035258", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035258"}, {"name": "91787", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91787"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1209546", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1209546"}, {"name": "SUSE-SU-2016:0777", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"}, {"name": "GLSA-201605-06", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201605-06"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:17:50.147Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bto.bluecoat.com/security-advisory/sa124"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"}, {"name": "DSA-3688", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3688"}, {"name": "RHSA-2016:0684", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0684.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-15.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"}, {"name": "SUSE-SU-2016:0820", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"}, {"name": "RHSA-2016:0685", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0685.html"}, {"name": "SUSE-SU-2016:0727", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"}, {"name": "84275", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/84275"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes"}, {"name": "USN-2973-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2973-1"}, {"name": "RHSA-2016:0591", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-0591.html"}, {"name": "SUSE-SU-2016:0909", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"}, {"name": "1035258", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035258"}, {"name": "91787", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/91787"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1209546"}, {"name": "SUSE-SU-2016:0777", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"}, {"name": "GLSA-201605-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201605-06"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2016-1978", "datePublished": "2016-03-13T18:00:00", "dateReserved": "2016-01-20T00:00:00", "dateUpdated": "2024-08-05T23:17:50.147Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "matchCriteriaId": "11233031-7034-4B56-8D8A-FCBD100B26F3", "versionEndIncluding": "43.0.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:network_security_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "92954403-582A-4A55-B45C-64CADCF40909", "versionEndIncluding": "3.20.1", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n de memoria en la funci\u00f3n ssl3_HandleECDHServerKeyExchange en Mozilla Network Security Services (NSS) en versiones anteriores a 3.21, como se utiliza en Mozilla Firefox en versiones anteriores a 44.0, permite a atacantes remotos causar una denegaci\u00f3n de servicio o posiblemente tener otro impacto no especificado llevando a cabo un apret\u00f3n de manos SSL (1) DHE o (2) ECDHE en un momento de alto consumo de memoria."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/416.html\">CWE-416: Use After Free</a>", "id": "CVE-2016-1978", "lastModified": "2017-11-04T01:29:18.067", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-03-13T18:59:27.287", "references": [{"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"}, {"source": "security@mozilla.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0591.html"}, {"source": "security@mozilla.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0684.html"}, {"source": "security@mozilla.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-0685.html"}, {"source": "security@mozilla.org", "url": "http://www.debian.org/security/2016/dsa-3688"}, {"source": "security@mozilla.org", "tags": ["Vendor Advisory"], "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-15.html"}, {"source": "security@mozilla.org", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"}, {"source": "security@mozilla.org", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"}, {"source": "security@mozilla.org", "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"}, {"source": "security@mozilla.org", "url": "http://www.securityfocus.com/bid/84275"}, {"source": "security@mozilla.org", "url": "http://www.securityfocus.com/bid/91787"}, {"source": "security@mozilla.org", "url": "http://www.securitytracker.com/id/1035258"}, {"source": "security@mozilla.org", "url": "http://www.ubuntu.com/usn/USN-2973-1"}, {"source": "security@mozilla.org", "url": "https://bto.bluecoat.com/security-advisory/sa124"}, {"source": "security@mozilla.org", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1209546"}, {"source": "security@mozilla.org", "url": "https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21_release_notes"}, {"source": "security@mozilla.org", "url": "https://security.gentoo.org/glsa/201605-06"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Eric Rescorla as the original reporter.", "affected_release": [{"advisory": "RHSA-2016:0684", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "nspr-0:4.11.0-1.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-04-25T00:00:00Z"}, {"advisory": "RHSA-2016:0684", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "nss-0:3.21.0-6.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-04-25T00:00:00Z"}, {"advisory": "RHSA-2016:0591", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "nspr-0:4.11.0-0.1.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-04-05T00:00:00Z"}, {"advisory": "RHSA-2016:0591", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "nss-0:3.21.0-0.3.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-04-05T00:00:00Z"}, {"advisory": "RHSA-2016:0591", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "nss-util-0:3.21.0-0.3.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-04-05T00:00:00Z"}, {"advisory": "RHSA-2016:0685", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nspr-0:4.11.0-1.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-04-25T00:00:00Z"}, {"advisory": "RHSA-2016:0685", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-0:3.21.0-9.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-04-25T00:00:00Z"}, {"advisory": "RHSA-2016:0685", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-softokn-0:3.16.2.3-14.2.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-04-25T00:00:00Z"}, {"advisory": "RHSA-2016:0685", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-util-0:3.21.0-2.2.el7_2", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-04-25T00:00:00Z"}], "bugzilla": {"description": "nss: Use-after-free in NSS during SSL connections in low memory (MFSA 2016-15)", "id": "1315565", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1315565"}, "csaw": false, "cvss": {"cvss_base_score": "5.1", "cvss_scoring_vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Use-after-free vulnerability in the ssl3_HandleECDHServerKeyExchange function in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, allows remote attackers to cause a denial of service or possibly have unspecified other impact by making an SSL (1) DHE or (2) ECDHE handshake at a time of high memory consumption.", "A use-after-free flaw was found in the way NSS handled DHE (Diffie\u2013Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application."], "name": "CVE-2016-1978", "public_date": "2016-03-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-1978\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-1978\nhttps://www.mozilla.org/security/announce/2016/mfsa2016-15.html"], "threat_severity": "Moderate"}