{"containers": {"cna": {"affected": [{"product": "Network Security Services", "vendor": "Mozilla", "versions": [{"status": "affected", "version": "3.24"}]}], "datePublic": "2016-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."}], "problemTypes": [{"descriptions": [{"description": "denial of service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-09T19:53:19", "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "shortName": "mozilla"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securityfocus.com/bid/94349"}, {"tags": ["x_refsource_MISC"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"}, {"tags": ["x_refsource_MISC"], "url": "https://security.gentoo.org/glsa/201701-46"}, {"tags": ["x_refsource_MISC"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"}, {"tags": ["x_refsource_MISC"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ubuntu.com/usn/USN-3163-1"}, {"tags": ["x_refsource_MISC"], "url": "https://bto.bluecoat.com/security-advisory/sa137"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@mozilla.org", "ID": "CVE-2016-5285", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Network Security Services", "version": {"version_data": [{"version_value": "3.24"}]}}]}, "vendor_name": "Mozilla"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "denial of service"}]}]}, "references": {"reference_data": [{"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"}, {"name": "http://www.securityfocus.com/bid/94349", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/94349"}, {"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"}, {"name": "https://security.gentoo.org/glsa/201701-46", "refsource": "MISC", "url": "https://security.gentoo.org/glsa/201701-46"}, {"name": "http://rhn.redhat.com/errata/RHSA-2016-2779.html", "refsource": "MISC", "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"}, {"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html", "refsource": "MISC", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"}, {"name": "http://www.ubuntu.com/usn/USN-3163-1", "refsource": "MISC", "url": "http://www.ubuntu.com/usn/USN-3163-1"}, {"name": "https://bto.bluecoat.com/security-advisory/sa137", "refsource": "MISC", "url": "https://bto.bluecoat.com/security-advisory/sa137"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103", "refsource": "CONFIRM", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T00:53:48.923Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securityfocus.com/bid/94349"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.gentoo.org/glsa/201701-46"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3163-1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bto.bluecoat.com/security-advisory/sa137"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"}]}]}, "cveMetadata": {"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe", "assignerShortName": "mozilla", "cveId": "CVE-2016-5285", "datePublished": "2019-11-15T15:44:05", "dateReserved": "2016-06-03T00:00:00", "dateUpdated": "2024-08-06T00:53:48.923Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*", "matchCriteriaId": "2AC43A23-2511-42A3-BA33-C6BABE962FB1", "versionEndExcluding": "3.26", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*", "matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:aura_application_enablement_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "D638A011-7DFF-4369-95DB-EE977A9B34DD", "versionEndIncluding": "6.3.3", "versionStartIncluding": "6.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_enablement_services:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "00127FED-CA13-44FA-89D5-068A3BFD1782", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:-:*:*:*:*:*:*", "matchCriteriaId": "3FD52516-C173-4F55-A4F1-11E1623E0430", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "3BAF15A8-A2D8-487E-960F-EB10524A49B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10:*:*:*:*:*:*", "matchCriteriaId": "8EE8624E-3F8F-4AC0-9BC9-5DBF2A3BBA83", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10.1:*:*:*:*:*:*", "matchCriteriaId": "3C30F303-BA9F-4934-A358-4EA4C04EB948", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11:*:*:*:*:*:*", "matchCriteriaId": "D9F3ABDF-6A28-492E-8F6B-53192E7D1917", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11.1:*:*:*:*:*:*", "matchCriteriaId": "5B984320-0031-4CEF-BDE5-5A5E274DEE11", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12:*:*:*:*:*:*", "matchCriteriaId": "DE3EDB11-5831-403F-B6BB-3A84C0943487", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.1:*:*:*:*:*:*", "matchCriteriaId": "FD108976-1E55-47F6-806B-2F61661CA128", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.2:*:*:*:*:*:*", "matchCriteriaId": "A789ADCD-3BAF-4EE3-8342-AFBEF026F71B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.3:*:*:*:*:*:*", "matchCriteriaId": "CADCC5A5-8BE4-41FD-BC8D-81607159998B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.5:*:*:*:*:*:*", "matchCriteriaId": "0D0E4D1B-CA60-4219-ACD7-97BE0B8E10D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "18C2C82C-E595-4323-88A7-CE5D23E9F6E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp5:*:*:*:*:*:*", "matchCriteriaId": "164809B0-EB36-470E-B9B2-75D5B2754600", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp7:*:*:*:*:*:*", "matchCriteriaId": "2E2F66A4-FB3A-49BB-AD18-5630A057907B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB1E43C1-EF6C-423B-A5D0-32E852E4C358", "versionEndIncluding": "6.3.117.0", "versionStartIncluding": "6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_communication_manager:7.0:-:*:*:*:*:*:*", "matchCriteriaId": "2C2E06A0-09B4-40C9-8A62-0EE0BFE1DECA", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_communication_manager:7.0:sp:*:*:*:*:*:*", "matchCriteriaId": "615496B7-5D31-46F5-8795-37ADD595C886", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_communication_manager:7.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "53379B70-20CC-4827-AE6A-A1DFA11B3733", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:-:*:*:*:*:*:*", "matchCriteriaId": "03D34DA0-C975-4A13-BD7E-575CCAE390BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "D635CBA4-B881-4113-BA27-6D0EE1CF6E39", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:breeze_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "8B33AAA6-8BFD-4398-8DC4-1F7C3B94FDF4", "versionEndIncluding": "3.2", "versionStartIncluding": "3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*", "matchCriteriaId": "D6DC0A0C-0FC6-439D-B865-634726034705", "versionEndIncluding": "18.0.0.2", "versionStartIncluding": "18.0.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:-:*:*:*:*:*:*", "matchCriteriaId": "E328FD0E-115F-4092-AE1E-C22B72350B0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r3:*:*:*:*:*:*", "matchCriteriaId": "349543A5-1FD9-46B4-8EAB-52E524A8DF0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r4:*:*:*:*:*:*", "matchCriteriaId": "8D6AA6F0-7AF5-4CC0-8202-65BA15086BF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r5:*:*:*:*:*:*", "matchCriteriaId": "A96492BE-C5FC-4936-9B1A-E4675ABB9D79", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r6:*:*:*:*:*:*", "matchCriteriaId": "373F0F03-AC30-4D50-B2F5-30DAEF52C8B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:iq:5.2.x:*:*:*:*:*:*:*", "matchCriteriaId": "5C6923AF-6862-4D6C-985A-CF8BF5C3D868", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:avaya:cs1000e_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0F339C1D-A2C2-4885-B1C6-76923B09C18C", "versionEndIncluding": "7.6", "versionStartIncluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:avaya:cs1000e:-:*:*:*:*:*:*:*", "matchCriteriaId": "EAB8A1AD-47C2-44F9-9C84-796FE0168E5A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:avaya:cs1000m_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2139CFD-0302-4281-9D9F-70E7D28B8354", "versionEndIncluding": "7.6", "versionStartIncluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:avaya:cs1000m:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDA76EA5-A0AA-4985-9AE5-0C6FA1469E0C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:avaya:cs1000e\\/cs1000m_signaling_server_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "53F50E03-897D-45D4-BE6A-3D7B4D0D79F9", "versionEndIncluding": "7.6", "versionStartIncluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:avaya:cs1000e\\/cs1000m_signaling_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1690698-8AB7-4129-8935-F08A6D52B559", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:aura_conferencing:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "8A5B17F8-B06D-4E95-83F8-AA2AAA90677A", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "E1A754AC-0023-4A0C-BFFB-6BF7758435B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:-:*:*:*:*:*:*", "matchCriteriaId": "4FC61B45-0975-4ED1-BD28-BB5EE5F3A51D", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "838A248E-F9E2-4016-82C5-6AAEA21B5F0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp4:*:*:*:*:*:*", "matchCriteriaId": "A1BB9C6F-0171-41E7-A4FF-CDBCE360EDAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp5:*:*:*:*:*:*", "matchCriteriaId": "4C0B69F2-7AB0-4E22-98F4-083E26BDA27B", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp7:*:*:*:*:*:*", "matchCriteriaId": "5FC7A8E0-5AEF-4FA3-AC1D-63F7F609E781", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp8:*:*:*:*:*:*", "matchCriteriaId": "DEFC084B-FCC2-438E-B65D-8B139F995551", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp9:*:*:*:*:*:*", "matchCriteriaId": "FDD6F033-9716-42FB-9A2F-B08EDAAE1438", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_experience_portal:*:*:*:*:*:*:*:*", "matchCriteriaId": "E3910F71-B4AE-40CC-9EDC-27160869A4FC", "versionEndIncluding": "7.1", "versionStartIncluding": "6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:ip_office:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "28DCFA27-23EB-4BBE-A020-F1854E4064A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:-:*:*:*:*:*:*", "matchCriteriaId": "51C14CE3-651D-4503-9711-088B9CF773A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "9468982C-DB32-490B-9131-9D35E8339467", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp10:*:*:*:*:*:*", "matchCriteriaId": "4B490A4A-A837-4CC6-8A44-5A7F03D73619", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp11:*:*:*:*:*:*", "matchCriteriaId": "C4A09C00-8D54-4674-A1D9-2F5AAD44CDD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp12:*:*:*:*:*:*", "matchCriteriaId": "67BFAB48-462F-4E95-9619-7A54E4BDF6F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp3:*:*:*:*:*:*", "matchCriteriaId": "E488E9F3-5329-43F1-AC9D-36760B95C91A", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp4:*:*:*:*:*:*", "matchCriteriaId": "CDD19739-0237-4C6F-9B6C-E47C9053F82A", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp5:*:*:*:*:*:*", "matchCriteriaId": "ACC5B2C8-CA4E-4482-8842-52886C5D5397", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp6:*:*:*:*:*:*", "matchCriteriaId": "09060F4E-DDB3-4C45-B628-6357ED0FA008", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp7:*:*:*:*:*:*", "matchCriteriaId": "7C6013D3-4D4C-46F8-82E6-271FB44FD126", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp8:*:*:*:*:*:*", "matchCriteriaId": "B1BED830-57D9-4051-B9D0-4E010AFA7451", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp9:*:*:*:*:*:*", "matchCriteriaId": "110B4593-6CF2-443B-AC7D-7DA98C44058C", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:-:*:*:*:*:*:*", "matchCriteriaId": "0AF32565-F747-4450-841E-B54E2977BA91", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "B86F3D17-7408-4721-9921-3EB702018C6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "BA3D7B64-7AD6-47D0-846D-A70C2838B653", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "0EF71DB4-1523-4270-B0D8-0D20A2A6EAE8", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp4:*:*:*:*:*:*", "matchCriteriaId": "2E32E623-597A-4931-B7CF-EED6EEBA61DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp5:*:*:*:*:*:*", "matchCriteriaId": "47898FEC-4BB7-469F-9020-2D9FB1B2C50E", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp6:*:*:*:*:*:*", "matchCriteriaId": "D429B865-B22A-4F9B-922F-D1F817DF1147", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp7:*:*:*:*:*:*", "matchCriteriaId": "AE40493E-ED60-4BFC-9E48-D3148E4D0834", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "BF272A94-7530-4DA2-9933-87984366BFAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:-:*:*:*:*:*:*", "matchCriteriaId": "F428AFF6-9DF7-4B7D-AC2E-8031AEA61F10", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp4:*:*:*:*:*:*", "matchCriteriaId": "7C31ABCE-668E-455A-A3BC-6F42E1E5C973", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp5:*:*:*:*:*:*", "matchCriteriaId": "C370E9B0-72EB-47E2-8FD9-F6A65ABE26E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp6:*:*:*:*:*:*", "matchCriteriaId": "834D01F3-8266-4202-BB9A-B2805FE4FEDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_session_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "1433DE76-61AC-44FD-A5A4-1747F8F2FEF9", "versionEndIncluding": "6.3.18", "versionStartIncluding": "6.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0:-:*:*:*:*:*:*", "matchCriteriaId": "AEBC4E93-E283-446B-A928-8B8B51F2C154", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "E88C0156-15E8-4F2F-8015-8ED421874863", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "BEF48D0A-732F-4C32-A3BB-F0F8A777DC1D", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0.1:-:*:*:*:*:*:*", "matchCriteriaId": "81979E50-603A-4210-9C27-F3B9974DC226", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "822B7EBF-C87D-4247-9F7F-10B94A37EEAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp2:*:*:*:*:*:*", "matchCriteriaId": "046A0465-FF7B-4F25-8502-FFD3C6D9D375", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "3B532A02-FF99-4102-AB99-4ED89875E436", "versionEndIncluding": "6.3.18", "versionStartIncluding": "6.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA21572A-1848-4B45-88EE-FAA3A13E4B47", "versionEndIncluding": "7.0.1.3", "versionStartIncluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "B0B3D7C4-968C-4F8D-95A6-FC2BF6DC80EA", "versionEndIncluding": "6.3.14", "versionStartIncluding": "6.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A5C4CAB-B2B9-4892-8183-31AC1DB17FA5", "versionEndIncluding": "7.0.1.2", "versionStartIncluding": "7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:meeting_exchange:6.2:-:*:*:*:*:*:*", "matchCriteriaId": "88AD2F3E-8B67-4FFF-87F0-6624C7026EBB", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:meeting_exchange:6.2:sp3:*:*:*:*:*:*", "matchCriteriaId": "153B3C0F-9FF7-4CC6-BA38-157C66E93410", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6ADC723-586B-4836-9A39-99DFE46E630D", "versionEndIncluding": "6.3", "versionStartIncluding": "5.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:-:*:*:*:*:*:*", "matchCriteriaId": "D0EBE856-466D-4F6B-A10A-B1DFCD703189", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp1:*:*:*:*:*:*", "matchCriteriaId": "1CD0A719-AF58-450B-A6D9-D2AEE9DDE409", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp2:*:*:*:*:*:*", "matchCriteriaId": "A8D3B3F6-EBB2-42DC-8749-EB8C1DF29C95", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp5:*:*:*:*:*:*", "matchCriteriaId": "101133AA-42DF-44E1-A6BC-AA1131EEA2A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:avaya:proactive_contact:*:*:*:*:*:*:*:*", "matchCriteriaId": "E7DEDCFB-3074-4E52-A2D8-0B78B0DBDF85", "versionEndIncluding": "5.1.2", "versionStartIncluding": "5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "143AC145-18D3-41B4-9E6F-DC16B94854B1", "versionEndIncluding": "6.3", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9492A764-F772-428F-B81D-90B109829F0C", "versionEndIncluding": "7.1", "versionStartIncluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:avaya:session_border_controller_for_enterprise:-:*:*:*:*:*:*:*", "matchCriteriaId": "9EA3E439-6712-4345-A918-A300163CAF94", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:avaya:aura_system_platform_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBD8DDDA-535C-4141-B0E5-2B379FA28AB4", "versionEndIncluding": "6.4.0", "versionStartIncluding": "6.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:avaya:aura_system_platform:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC5935AB-8E13-4CD5-8CAE-91A9C5786880", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."}, {"lang": "es", "value": "Existe una vulnerabilidad de desreferencia de puntero nulo en Mozilla Network Security Services debido a una falta de verificaci\u00f3n NULL en PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, lo que podr\u00eda permitir que un usuario malintencionado remoto cause una Denegaci\u00f3n de servicio."}], "id": "CVE-2016-5285", "lastModified": "2020-01-09T20:15:10.723", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-15T16:15:10.110", "references": [{"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"}, {"source": "security@mozilla.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"}, {"source": "security@mozilla.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"}, {"source": "security@mozilla.org", "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"}, {"source": "security@mozilla.org", "url": "http://www.securityfocus.com/bid/94349"}, {"source": "security@mozilla.org", "url": "http://www.ubuntu.com/usn/USN-3163-1"}, {"source": "security@mozilla.org", "url": "https://bto.bluecoat.com/security-advisory/sa137"}, {"source": "security@mozilla.org", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"}, {"source": "security@mozilla.org", "url": "https://security.gentoo.org/glsa/201701-46"}], "sourceIdentifier": "security@mozilla.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2016:2779", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "nss-0:3.21.3-2.el5_11", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2016-11-16T00:00:00Z"}, {"advisory": "RHSA-2016:2779", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "nss-0:3.21.3-2.el6_8", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-11-16T00:00:00Z"}, {"advisory": "RHSA-2016:2779", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "nss-util-0:3.21.3-1.el6_8", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2016-11-16T00:00:00Z"}, {"advisory": "RHSA-2016:2779", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-0:3.21.3-2.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-11-16T00:00:00Z"}, {"advisory": "RHSA-2016:2779", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "nss-util-0:3.21.3-1.1.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-11-16T00:00:00Z"}], "bugzilla": {"description": "nss: Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash", "id": "1383883", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1383883"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.", "A NULL pointer dereference flaw was found in the way NSS handled invalid Diffie-Hellman keys. A remote client could use this flaw to crash a TLS/SSL server using NSS."], "name": "CVE-2016-5285", "public_date": "2016-11-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-5285\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-5285"], "threat_severity": "Moderate"}