1. Home
  2. Vulnerabilities
  3. CVE-2017-5461

CVE-2017-5461

CVSS v3.0 9.8 (Critical)
98% Progress
CVSS v2.0 7.5 (High)
75% Progress
EPSS 5.40 % (93th)
5.40% Progress
Affected Products 1
Advisories 27
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Network Security Services (NSS) before 3.21.4, 3.22.x through 3.28.x before 3.28.4, 3.29.x before 3.29.5, and 3.30.x before 3.30.1 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact by leveraging incorrect base64 operations.

Weaknesses
CWE-787
Out-of-bounds Write
CVE Status
PUBLISHED
CNA
Mozilla Corporation
Published Date
2017-05-11 01:29:05
(7 years ago)
Updated Date
2021-07-20 23:15:12
(3 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Network Security Services prior 3.21.4 version cpe:2.3:a:mozilla:network_security_services < 3.21.4
  Mozilla Network Security Services above 3.22 version and prior 3.28.4 version cpe:2.3:a:mozilla:network_security_services > 3.22 < 3.28.4
  Mozilla Network Security Services from 3.29 version and prior 3.29.5 version cpe:2.3:a:mozilla:network_security_services >= 3.29 < 3.29.5
  Mozilla Network Security Services from 3.30 version and prior 3.30.1 version cpe:2.3:a:mozilla:network_security_services >= 3.30 < 3.30.1