exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

CVE-2019-11745

Status Candidate

Overview

When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.3, Firefox ESR < 68.3, and Firefox < 71.

Related Files

Ubuntu Security Notice USN-4335-1
Posted Apr 22, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4335-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, bypass same-origin restrictions, conduct cross-site scripting attacks, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-11755, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11763, CVE-2019-11764, CVE-2019-15903, CVE-2019-17005, CVE-2019-17008, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2020-6792, CVE-2020-6794, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814, CVE-2020-6821, CVE-2020-6822, CVE-2020-6825
SHA-256 | 5b0f96c8e531ef4c9797c7c8b829d69de481a70cc62c8097c6bd38d1c1677453
Red Hat Security Advisory 2020-1461-01
Posted Apr 15, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1461-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2019-11745
SHA-256 | 6f849628c8283933e795cc7c5a43d9c1b76b0d0812a2ec3ca6dcc3f40b6d9960
Red Hat Security Advisory 2020-1345-01
Posted Apr 7, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1345-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2019-11745
SHA-256 | d852834b4835e74d1e0d4154ee53eff6902a40b19a727bd5211d084bed71c503
Red Hat Security Advisory 2020-1267-01
Posted Apr 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-1267-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Issues addressed include an out of bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2018-0495, CVE-2019-11745
SHA-256 | 5350bb35d8c7d7eea515109a95e3e2815a160686848a4873fc1a60b9513fb2bd
Gentoo Linux Security Advisory 202003-37
Posted Mar 16, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-37 - Multiple vulnerabilities have been found in Mozilla Network Security Service (NSS), the worst of which may lead to arbitrary code execution. Versions less than 3.49 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698, CVE-2018-18508, CVE-2019-11745
SHA-256 | e9805e9636b2bf86f162d5bc5ca500582a56c292fba712206703f462299a272d
Gentoo Linux Security Advisory 202003-10
Posted Mar 14, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-10 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the worst of which could result in the arbitrary execution of code. Versions less than 68.6.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-11745, CVE-2019-11757, CVE-2019-11759, CVE-2019-11760, CVE-2019-11761, CVE-2019-11762, CVE-2019-11763, CVE-2019-11764, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-20503, CVE-2020-6792, CVE-2020-6793, CVE-2020-6794, CVE-2020-6795, CVE-2020-6798, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814
SHA-256 | 2bd6c6d0e9248abe6d1894cda6c23b4295f3ce1bc21529d3a5ffdc34d8150bbd
Gentoo Linux Security Advisory 202003-02
Posted Mar 12, 2020
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202003-2 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 68.6.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2019-11745, CVE-2019-17005, CVE-2019-17008, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17017, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026, CVE-2019-20503, CVE-2020-6796, CVE-2020-6797, CVE-2020-6798, CVE-2020-6799, CVE-2020-6800, CVE-2020-6805, CVE-2020-6806, CVE-2020-6807, CVE-2020-6811, CVE-2020-6812, CVE-2020-6814
SHA-256 | 4a3a64b36591f6d0a1c27da9abbfe2f11b8739c200ebb1844cc7866106d27e08
Red Hat Security Advisory 2020-0466-01
Posted Feb 11, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0466-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. An out-of-bounds write was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
SHA-256 | 328281cc43d7f4c03bf42e66dae205249de58525158bbb33aca4ee51247f013c
Red Hat Security Advisory 2020-0243-01
Posted Jan 27, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0243-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Issues addressed include an out-of-bounds write vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
SHA-256 | 955494d44af6a5a19b90ef26d4c02b1d1a2ba35b61cc366515859a519592c580
Ubuntu Security Notice USN-4241-1
Posted Jan 17, 2020
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4241-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, conduct cross-site scripting attacks, or execute arbitrary code. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could potentially exploit this to cause a denial of service, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, xss
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-17011, CVE-2019-17012, CVE-2019-17016, CVE-2019-17022, CVE-2019-17024, CVE-2019-17026
SHA-256 | a603d0f1422c63c0f865910e3f32286250ba5122b98aab03efc19e2e49087c05
Red Hat Security Advisory 2019-4190-01
Posted Dec 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4190-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. The nss-util packages provide utilities for use with the Network Security Services libraries. An out-of-bounds write vulnerability was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11729, CVE-2019-11745
SHA-256 | c6309421d9f435509de27d878786d1b1be6de862683ea853d6042b272f929b5f
Red Hat Security Advisory 2019-4152-01
Posted Dec 10, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4152-01 - The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. An out-of-bounds write vulnerability has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
SHA-256 | d80f57e0335040e0050c95d5478f05c4687da2e6759b7d28e50f46b374ae3bac
Ubuntu Security Notice USN-4216-1
Posted Dec 9, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4216-1 - Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11745, CVE-2019-17010, CVE-2019-17014
SHA-256 | f5f18bcd49f99f11bec1bec907e6fdb56df52f1469733dd49e1993577ad3260c
Debian Security Advisory 4579-1
Posted Dec 9, 2019
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4579-1 - Two vulnerabilities were discovered in NSS, a set of cryptographic libraries, which may result in denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2019-11745, CVE-2019-17007
SHA-256 | 6e2f2513bc65e7ec3347fb0f7c18fdcf22e796ef57dd755d37c60e2063b7746a
Red Hat Security Advisory 2019-4114-01
Posted Dec 9, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-4114-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. An out-of-bounds write was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-11745
SHA-256 | 8f34b769e5fc49dd0df4e862edaeccc1b3a9139ef81188faf76c4295aef79e9c
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 4, 2019
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2019-11745, CVE-2019-13722, CVE-2019-17005, CVE-2019-17008, CVE-2019-17009, CVE-2019-17010, CVE-2019-17011, CVE-2019-17012
SHA-256 | 15e55fbcf0e46f52c452659cc5536923f77e0d93866281a4ade6de408cc3a5c4
Ubuntu Security Notice USN-4203-2
Posted Nov 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4203-2 - USN-4203-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11745
SHA-256 | 0dc3942145547db7073c63f6ed48403541f54ab1a7bc5cfe6da8ba310b7067d9
Ubuntu Security Notice USN-4203-1
Posted Nov 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4203-1 - It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-11745
SHA-256 | 26d9f79b62cfc9666137eb11e7d3580960296b1498984ff8db3f39ee2986e7c3
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close