Vulnerability Details : CVE-2016-1950
Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
Vulnerability category: OverflowExecute code
Products affected by CVE-2016-1950
- cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:38.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:network_security_services:3.21:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:network_security_services:3.19.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:network_security_services:3.20:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:network_security_services:3.20.1:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Threat overview for CVE-2016-1950
Top countries where our scanners detected CVE-2016-1950
Top open port discovered on systems with this issue
80
IPs affected by CVE-2016-1950 1,680
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-1950!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-1950
3.01%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-1950
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
|
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2016-1950
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-1950
-
http://www.ubuntu.com/usn/USN-2934-1
USN-2934-1: Thunderbird vulnerabilities | Ubuntu security notices
-
https://support.apple.com/HT206169
About the security content of tvOS 9.2 - Apple SupportThird Party Advisory
-
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes
NSS 3.19.2.3 release notes - Mozilla | MDNRelease Notes
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
[security-announce] SUSE-SU-2016:0909-1: important: Security update for
-
https://support.apple.com/HT206168
About the security content of watchOS 2.2 - Apple SupportThird Party Advisory
-
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
Apple - Lists.apple.comMailing List
-
http://www.ubuntu.com/usn/USN-2917-1
USN-2917-1: Firefox vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2917-3
USN-2917-3: Firefox regressions | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2924-1
USN-2924-1: NSS vulnerability | Ubuntu security notices
-
http://www.securityfocus.com/bid/84223
Mozilla Network Security Services CVE-2016-1950 Heap Buffer Overflow Vulnerability
-
http://rhn.redhat.com/errata/RHSA-2016-0495.html
RHSA-2016:0495 - Security Advisory - Red Hat Customer Portal
-
https://support.apple.com/HT206166
About the security content of iOS 9.3 - Apple SupportThird Party Advisory
-
http://www.securitytracker.com/id/1035215
Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code, Spoof the Address Bar, Overwrite Files, and Deny Service - SecurityTracker
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
[security-announce] SUSE-SU-2016:0777-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
[security-announce] SUSE-SU-2016:0820-1: important: Security update for
-
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Oracle Critical Patch Update - October 2017
-
https://support.apple.com/HT206167
About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002 - Apple SupportThird Party Advisory
-
https://bto.bluecoat.com/security-advisory/sa119
SA119 : Multiple NSS Vulnerabilities
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
[security-announce] openSUSE-SU-2016:1557-1: important: Security updateThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016Third Party Advisory
-
https://security.gentoo.org/glsa/201605-06
Mozilla Products: Multiple vulnerabilities (GLSA 201605-06) — Gentoo security
-
http://www.debian.org/security/2016/dsa-3520
Debian -- Security Information -- DSA-3520-1 icedove
-
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Oracle Critical Patch Update - October 2016Third Party Advisory
-
http://www.mozilla.org/security/announce/2016/mfsa2016-35.html
Buffer overflow during ASN.1 decoding in NSS — MozillaVendor Advisory
-
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
NSS 3.21.1 release notes - Mozilla | MDNRelease Notes
-
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
Apple - Lists.apple.comMailing List
-
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
Apple - Lists.apple.comMailing List
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
[security-announce] openSUSE-SU-2016:0731-1: important: Security update
-
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
Apple - Lists.apple.comMailing List
-
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
Oracle VM Server for x86 Bulletin - July 2016Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
[security-announce] openSUSE-SU-2016:0733-1: important: Security update
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1245528
Bugzilla.mozilla.org is offlineIssue Tracking
-
http://www.debian.org/security/2016/dsa-3688
Debian -- Security Information -- DSA-3688-1 nss
-
http://www.ubuntu.com/usn/USN-2917-2
USN-2917-2: Firefox regressions | Ubuntu security notices
-
http://www.debian.org/security/2016/dsa-3510
Debian -- Security Information -- DSA-3510-1 iceweasel
-
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
Oracle Critical Patch Update - July 2017
-
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
[security-announce] SUSE-SU-2016:0727-1: important: Security update for
Jump to