Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2014-1569 | First vendor Publication | 2014-12-15 |
Vendor | Cve | Last vendor Modification | 2017-09-22 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The definite_length_decoder function in lib/util/quickder.c in Mozilla Network Security Services (NSS) before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long byte sequence for an encoding, as demonstrated by the SEC_QuickDERDecodeItem function's improper handling of an arbitrary-length encoding of 0x00. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1569 |
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-07-16 | IAVM : 2015-A-0154 - Multiple Vulnerabilities in Oracle Fusion Middleware Severity : Category I - VMSKEY : V0061081 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-07-23 | Name : The remote web server is affected by a remote code injection vulnerability. File : sun_java_web_server_7_0_22.nasl - Type : ACT_GATHER_INFO |
2015-07-23 | Name : The remote proxy web server is affected by a remote code injection vulnerabil... File : iplanet_web_proxy_4_0_26.nasl - Type : ACT_GATHER_INFO |
2015-07-16 | Name : The remote web server is affected by multiple vulnerabilities. File : glassfish_cpu_jul_2015.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0173-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0171-1.nasl - Type : ACT_GATHER_INFO |
2015-05-20 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2015-0076-1.nasl - Type : ACT_GATHER_INFO |
2015-03-26 | Name : The remote Debian host is missing a security update. File : debian_DLA-154.nasl - Type : ACT_GATHER_INFO |
2015-03-19 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2015-059.nasl - Type : ACT_GATHER_INFO |
2015-03-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3186.nasl - Type : ACT_GATHER_INFO |
2015-03-02 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2015-185.nasl - Type : ACT_GATHER_INFO |
2015-02-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201501-150127.nasl - Type : ACT_GATHER_INFO |
2015-02-02 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_firefox-201501-150126.nasl - Type : ACT_GATHER_INFO |
2015-01-08 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-2452-1.nasl - Type : ACT_GATHER_INFO |
2015-01-08 | Name : The remote Fedora host is missing one or more security updates. File : fedora_2014-16530.nasl - Type : ACT_GATHER_INFO |
2014-12-26 | Name : The remote Fedora host is missing a security update. File : fedora_2014-17085.nasl - Type : ACT_GATHER_INFO |
2014-12-16 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-252.nasl - Type : ACT_GATHER_INFO |
2014-12-04 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_7ae618709dd24884a2f2f19bb5784d09.nasl - Type : ACT_GATHER_INFO |
2014-12-02 | Name : The remote Mac OS X host contains a web browser that is affected by multiple ... File : macosx_firefox_34.nasl - Type : ACT_GATHER_INFO |
2014-12-02 | Name : The remote Windows host contains a mail client that is affected by multiple v... File : mozilla_thunderbird_31_3.nasl - Type : ACT_GATHER_INFO |
2014-12-02 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_34.nasl - Type : ACT_GATHER_INFO |
2014-12-02 | Name : The remote Windows host contains a web browser that is affected by multiple v... File : mozilla_firefox_31_3_esr.nasl - Type : ACT_GATHER_INFO |
2014-12-02 | Name : The remote Mac OS X host contains a mail client that is affected by multiple ... File : macosx_thunderbird_31_3.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:30:00 |
|
2021-04-22 01:36:17 |
|
2020-05-23 01:51:15 |
|
2020-05-23 00:40:02 |
|
2018-08-10 12:04:14 |
|
2018-01-11 12:05:40 |
|
2017-09-22 09:24:09 |
|
2016-10-04 09:24:04 |
|
2016-04-07 09:21:40 |
|
2015-10-23 09:22:55 |
|
2015-10-18 17:22:28 |
|
2015-07-24 13:29:05 |
|
2015-07-18 13:28:13 |
|
2015-07-17 09:19:23 |
|
2015-05-21 13:31:13 |
|
2015-03-27 13:28:07 |
|
2015-03-20 13:28:50 |
|
2015-03-18 13:27:18 |
|
2015-03-18 09:26:30 |
|
2015-03-03 13:25:15 |
|
2015-02-03 13:24:11 |
|
2015-01-09 13:26:16 |
|
2014-12-27 13:25:02 |
|
2014-12-17 13:25:22 |
|
2014-12-16 21:23:43 |
|
2014-12-15 21:24:09 |
|