#VU23467 Input validation error


Published: 2019-12-09

Vulnerability identifier: #VU23467

Vulnerability risk: Medium

CVSSv3: 6.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-17007

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Mozilla NSS
Universal components / Libraries / Libraries used by multiple products

Vendor: Mozilla

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the collect_certs() function in /lib/pkcs7/certread.c in Mozilla NSS library. A remote attacker can supply a specially crafted certificate to the application and perform a denial of service attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Mozilla NSS: 3.0.1, 3.1, 3.1.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.3.4.4, 3.3.4.5, 3.3.4.6, 3.3.4.7, 3.3.4.8, 3.3.11, 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.4.5, 3.5, 3.6, 3.6.1, 3.7, 3.7.1, 3.7.2, 3.7.3, 3.7.4, 3.7.5, 3.7.6, 3.7.7, 3.7.8, 3.7.9, 3.7.10, 3.7.11, 3.8, 3.8.1, 3.8.2, 3.9, 3.9.1, 3.9.2, 3.9.3, 3.9.4, 3.9.5, 3.10, 3.10.1, 3.10.2, 3.11, 3.11.1, 3.11.2, 3.11.3, 3.11.4, 3.11.5, 3.11.6, 3.11.7, 3.11.8, 3.11.9, 3.11.10, 3.12, 3.12.1, 3.12.2, 3.12.3, 3.12.3.1, 3.12.3.2, 3.12.4, 3.12.5, 3.12.6, 3.12.7, 3.12.8, 3.12.9, 3.12.9.1, 3.12.10, 3.12.11, 3.13, 3.13.1, 3.13.2, 3.13.3, 3.13.4, 3.13.5, 3.13.6, 3.14, 3.14.1, 3.14.2, 3.14.3, 3.14.4, 3.14.5, 3.15, 3.15.1, 3.15.2, 3.15.3, 3.15.3.1, 3.15.4, 3.15.5, 3.16, 3.16.1, 3.16.2, 3.16.2.1, 3.16.2.2, 3.16.2.3, 3.16.3, 3.16.4, 3.16.5, 3.16.6, 3.17, 3.17.1, 3.17.2, 3.17.3, 3.17.4, 3.18, 3.18.1, 3.19, 3.19.1, 3.19.2, 3.19.2.1, 3.19.2.2, 3.19.2.3, 3.19.2.4, 3.19.3, 3.19.4, 3.20, 3.20.1, 3.20.2, 3.21, 3.21.1, 3.21.2, 3.21.3, 3.21.4, 3.22, 3.22.1, 3.22.2, 3.22.3, 3.23, 3.24, 3.25, 3.25.1, 3.26, 3.26.1, 3.26.2, 3.27, 3.27.1, 3.27.2, 3.28, 3.28.1, 3.28.2, 3.28.3, 3.28.4, 3.28.5, 3.28.6, 3.29, 3.29.1, 3.29.2, 3.29.3, 3.29.4, 3.29.5, 3.30, 3.30.1, 3.30.2, 3.31, 3.31.1, 3.32, 3.32.1, 3.33, 3.34, 3.34.1, 3.35, 3.36, 3.36.1, 3.36.2, 3.36.3, 3.36.4, 3.36.5, 3.36.6, 3.36.7, 3.36.8, 3.37, 3.37.1, 3.37.2, 3.37.3, 3.38, 3.39, 3.40, 3.40.1, 3.41, 3.41.1, 3.42, 3.42.1, 3.43, 3.44, 3.44.1, 3.44.2, 3.45, 3.46, 3.46.1, 3.47

CPE

External links
https://bugs.chromium.org/p/project-zero/issues/detail?id=1798


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability