|Number of vulnerabilities||1|
|CVE ID|| CVE-2017-7502
|CWE ID|| CWE-476
|Public exploit||Not available|
|Vulnerable software versions||
Mozilla NSS 3.28.1
Mozilla NSS 3.28
Mozilla NSS 3.27.2
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference error in NSS since 3.24.0 when processing empty SSLv2 messages, received from clients. A remote attacker can send specially crafted request to vulnerable service and perform denial of service attack.
Install update from vendor's repository.