what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

CVE-2019-11745

Status Candidate

Overview

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Related Files

Ubuntu Security Notice USN-4335-1
Posted Apr 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4335-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-11755, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903, CVE-2019-17005, CVE-2019-17008, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2020-6792, CVE-2020-6794, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814, CVE-2020-6821, CVE-2020-6822, CVE-2020-6825
MD5 | c86e86afb9b7eb66cd0dc89a57af7b70
Red Hat Security Advisory 2020-1461-01
Posted Apr 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1461-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2019-11745
MD5 | fa864e1bc8392e042441c525725153ac
Red Hat Security Advisory 2020-1345-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1345-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2019-11745
MD5 | 3f42871da847f939eaf14aca5d364fdf
Red Hat Security Advisory 2020-1267-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1267-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2019-11745
MD5 | c15af207a080dc56dda26f7654fd9802
Gentoo Linux Security Advisory 202003-37
Posted Mar 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-37 - Multiple vulnerabilities have been found in Mozilla Network Security Service (NSS), the worst of which may lead to arbitrary code execution. Versions less than 3.49 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698, CVE-2018-18508, CVE-2019-11745
MD5 | 7824b2d2113f0f93b2e8a0e692d28ed7
Gentoo Linux Security Advisory 202003-10
Posted Mar 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-10 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.6.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-11745, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-20503, CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814
MD5 | d2d78d4b9907d9584a0fd98e165c86a1
Gentoo Linux Security Advisory 202003-02
Posted Mar 12, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-2 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 68.6.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-11745, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503, CVE-2020-6796, CVE-2020-6797, CVE-2020-6798, CVE-2020-6799, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814
MD5 | 51be70ff1eb22cdc247b5d338e202916
Red Hat Security Advisory 2020-0466-01
Posted Feb 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0466-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. An out-of-bounds write was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
MD5 | dd5c491a38b273c43b1992542f193d8f
Red Hat Security Advisory 2020-0243-01
Posted Jan 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0243-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include an out-of-bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
MD5 | c40bbb88329d4f188bcff92d162c87b4
Ubuntu Security Notice USN-4241-1
Posted Jan 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4241-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, or execute arbitrary code. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
MD5 | 3610655eb691555973e60450f99803ce
Red Hat Security Advisory 2019-4190-01
Posted Dec 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4190-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services libraries. An out-of-bounds write vulnerability was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11729, CVE-2019-11745
MD5 | 971ffb21a61e8977f95fb83f968d8364
Red Hat Security Advisory 2019-4152-01
Posted Dec 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4152-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. An out-of-bounds write vulnerability has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
MD5 | f49183fa76924922724dc8d6b1bcc25a
Ubuntu Security Notice USN-4216-1
Posted Dec 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4216-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-17010, CVE-2019-17014
MD5 | aa57efb97c1e1c7d39ab902468dc590a
Debian Security Advisory 4579-1
Posted Dec 9, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4579-1 - Two vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2019-11745, CVE-2019-17007
MD5 | 2bef598cf156091dbae46fa68159b7c8
Red Hat Security Advisory 2019-4114-01
Posted Dec 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4114-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. An out-of-bounds write was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
MD5 | d40c8e0fcd049091fbf544327b3d0891
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 4, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-11745, CVE-2019-13722, CVE-2019-17005, CVE-2019-17008, CVE-2019-17009, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012
MD5 | 758860f6c872ea29772338afe9e1cded
Ubuntu Security Notice USN-4203-2
Posted Nov 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4203-2 - USN-4203-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11745
MD5 | e3c81da24686986b81918cb98c31ffce
Ubuntu Security Notice USN-4203-1
Posted Nov 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4203-1 - It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11745
MD5 | 05573b211f4c44450d8676b2857ee497
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close