The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.
Metrics
Affected Vendors & Products
References
History
Mon, 21 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:mozilla:firefox_esr:10.0.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:10.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Mozilla firefox Esr
|
Mon, 21 Oct 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:mozilla:firefox_esr:10.0.4:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:10.0.3:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:10.0.4:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2012-06-05T23:00:00
Updated: 2024-08-06T18:23:31.031Z
Reserved: 2012-01-09T00:00:00
Link: CVE-2012-0441
Vulnrichment
No data.
NVD
Status : Modified
Published: 2012-06-05T23:55:01.403
Modified: 2024-11-21T01:34:58.213
Link: CVE-2012-0441
Redhat