PT-2016-4930 · Mozilla+2 · Network Security Services+3

Hanno Böck

Publicado

2016-01-26

Atualizado

2024-12-12

CVE-2016-1938

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Mozilla Network Security Services (NSS) versions prior to 3.21 Mozilla Firefox versions prior to 44.0

Description The issue is related to the improper division of numbers in the s mp div function, which might make it easier for remote attackers to defeat cryptographic protection mechanisms. This is achieved by leveraging the use of the mp div or mp exptmod function.

Recommendations For Mozilla Network Security Services (NSS) versions prior to 3.21, update to version 3.21 or later. For Mozilla Firefox versions prior to 44.0, update to version 44.0 or later.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-310

Identificadores relacionados

CVE-2016-1938

DLA-427-1

DLA-480-1

DSA-3688-1

OPENSUSE-SU-2016_0309-1

OPENSUSE-SU-2024:10071-1

OPENSUSE-SU-2024:14572-1

SUSE-SU-2016:0334-1

SUSE-SU-2016:0338-1

SUSE-SU-2016:0584-1

USN-2880-1

USN-2880-2

USN-2903-1

USN-2973-1

Produtos afetados

Firefox

Network Security Services

Suse

Ubuntu

PT-2016-4930 · Mozilla+2 · Network Security Services+3

CVE-2016-1938

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2128