CVE-2015-7181

Mozilla Network Security Services < 3.19.2.1 and 3.20.x < 3.20.1 - Use-After-Free via OCTET STRING Data

Title source: llm
STIX 2.1

Description

The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, improperly restricts access to an unspecified data structure, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted OCTET STRING data, related to a "use-after-poison" issue.

References (34)

Core 34
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2016/dsa-3688
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3410
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201512-10
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-12/msg00037.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2785-1
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2791-1
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1981.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2819-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/91787
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1980.html
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3393
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/77416
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2015-12/msg00049.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201605-06
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1034069
Various Sources x_refsource_confirm
https://bto.bluecoat.com/security-advisory/sa119
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1192028

Scores

EPSS 0.0502
EPSS Percentile 89.8%

Details

CWE
CWE-119
Status published
Products (11)
mozilla/firefox 38.0
mozilla/firefox 38.0.1
mozilla/firefox 38.0.5
mozilla/firefox 38.1.0
mozilla/firefox 38.1.1
mozilla/firefox 38.2.0
mozilla/firefox 38.2.1
mozilla/firefox 38.3.0
mozilla/firefox < 41.0.2
mozilla/network_security_services 3.20.0
... and 1 more
Published Nov 05, 2015
Tracked Since Feb 18, 2026