A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
|
Configuration 10 (hide)
|
Configuration 11 (hide)
|
Configuration 12 (hide)
AND |
|
Configuration 13 (hide)
AND |
|
History
No history.
Information
Published : 2019-11-15 16:15
Updated : 2024-02-28 17:28
NVD link : CVE-2016-5285
Mitre link : CVE-2016-5285
CVE.ORG link : CVE-2016-5285
JSON object : View
Products Affected
avaya
- cs1000m
- ip_office
- meeting_exchange
- session_border_controller_for_enterprise_firmware
- message_networking
- aura_conferencing
- aura_communication_manager_messagint
- cs1000e_firmware
- cs1000e\/cs1000m_signaling_server_firmware
- cs1000e\/cs1000m_signaling_server
- one-x_client_enablement_services
- aura_system_platform_firmware
- aura_application_enablement_services
- aura_communication_manager
- aura_experience_portal
- aura_application_server_5300
- call_management_system
- aura_system_platform
- aura_system_manager
- aura_messaging
- breeze_platform
- aura_session_manager
- session_border_controller_for_enterprise
- iq
- proactive_contact
- cs1000e
- cs1000m_firmware
- aura_utility_services
redhat
- enterprise_linux
suse
- linux_enterprise_server
debian
- debian_linux
mozilla
- nss
CWE
CWE-476
NULL Pointer Dereference