First published: Fri Nov 15 2019(Updated: )
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
Credit: security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla NSS | <3.26 | |
Debian Debian Linux | =8.0 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Redhat Enterprise Linux | =5.0 | |
Redhat Enterprise Linux | =6.0 | |
Redhat Enterprise Linux | =7.0 | |
SUSE Linux Enterprise Server | =11-sp2 | |
Avaya Aura Application Enablement Services | >=6.1<=6.3.3 | |
Avaya Aura Application Enablement Services | =7.0 | |
Avaya Aura Application Server 5300 | =3.0 | |
Avaya Aura Application Server 5300 | =3.0-sp1 | |
Avaya Aura Application Server 5300 | =3.0-sp10 | |
Avaya Aura Application Server 5300 | =3.0-sp10.1 | |
Avaya Aura Application Server 5300 | =3.0-sp11 | |
Avaya Aura Application Server 5300 | =3.0-sp11.1 | |
Avaya Aura Application Server 5300 | =3.0-sp12 | |
Avaya Aura Application Server 5300 | =3.0-sp12.1 | |
Avaya Aura Application Server 5300 | =3.0-sp12.2 | |
Avaya Aura Application Server 5300 | =3.0-sp12.3 | |
Avaya Aura Application Server 5300 | =3.0-sp12.5 | |
Avaya Aura Application Server 5300 | =3.0-sp3 | |
Avaya Aura Application Server 5300 | =3.0-sp5 | |
Avaya Aura Application Server 5300 | =3.0-sp7 | |
Avaya Aura Communication Manager | >=6.0<=6.3.117.0 | |
Avaya Aura Communication Manager | =7.0 | |
Avaya Aura Communication Manager | =7.0-sp | |
Avaya Aura Communication Manager | =7.0-sp3 | |
Avaya Aura Communication Manager Messagint | =7.0 | |
Avaya Aura Communication Manager Messagint | =7.0-sp1 | |
Avaya Breeze Platform | >=3.0<=3.2 | |
Avaya Call Management System | >=18.0.0.1<=18.0.0.2 | |
Avaya Call Management System | =17.0 | |
Avaya Call Management System | =17.0-r3 | |
Avaya Call Management System | =17.0-r4 | |
Avaya Call Management System | =17.0-r5 | |
Avaya Call Management System | =17.0-r6 | |
Avaya Iq | =5.2.x | |
Avaya Cs1000e Firmware | >=7.0<=7.6 | |
Avaya Cs1000e | ||
Avaya Cs1000m Firmware | >=7.0<=7.6 | |
Avaya Cs1000m | ||
Avaya Cs1000e\/cs1000m Signaling Server Firmware | >=7.0<=7.6 | |
Avaya Cs1000e\/cs1000m Signaling Server | ||
Avaya Aura Conferencing | =7.0 | |
Avaya Aura Conferencing | =7.2 | |
Avaya Aura Conferencing | =8.0 | |
Avaya Aura Conferencing | =8.0-sp2 | |
Avaya Aura Conferencing | =8.0-sp4 | |
Avaya Aura Conferencing | =8.0-sp5 | |
Avaya Aura Conferencing | =8.0-sp7 | |
Avaya Aura Conferencing | =8.0-sp8 | |
Avaya Aura Conferencing | =8.0-sp9 | |
Avaya Aura Experience Portal | >=6.0<=7.1 | |
Avaya IP Office | =8.1 | |
Avaya IP Office | =9.1 | |
Avaya IP Office | =9.1-sp1 | |
Avaya IP Office | =9.1-sp10 | |
Avaya IP Office | =9.1-sp11 | |
Avaya IP Office | =9.1-sp12 | |
Avaya IP Office | =9.1-sp3 | |
Avaya IP Office | =9.1-sp4 | |
Avaya IP Office | =9.1-sp5 | |
Avaya IP Office | =9.1-sp6 | |
Avaya IP Office | =9.1-sp7 | |
Avaya IP Office | =9.1-sp8 | |
Avaya IP Office | =9.1-sp9 | |
Avaya IP Office | =10.0 | |
Avaya IP Office | =10.0-sp1 | |
Avaya IP Office | =10.0-sp2 | |
Avaya IP Office | =10.0-sp3 | |
Avaya IP Office | =10.0-sp4 | |
Avaya IP Office | =10.0-sp5 | |
Avaya IP Office | =10.0-sp6 | |
Avaya IP Office | =10.0-sp7 | |
Avaya Aura Messaging | =6.3 | |
Avaya Aura Messaging | =6.3.3 | |
Avaya Aura Messaging | =6.3.3-sp4 | |
Avaya Aura Messaging | =6.3.3-sp5 | |
Avaya Aura Messaging | =6.3.3-sp6 | |
Avaya Aura Session Manager | >=6.3<=6.3.18 | |
Avaya Aura Session Manager | =7.0 | |
Avaya Aura Session Manager | =7.0-sp1 | |
Avaya Aura Session Manager | =7.0-sp2 | |
Avaya Aura Session Manager | =7.0.1 | |
Avaya Aura Session Manager | =7.0.1-sp1 | |
Avaya Aura Session Manager | =7.0.1-sp2 | |
Avaya Aura System Manager | >=6.3<=6.3.18 | |
Avaya Aura System Manager | >=7.0<=7.0.1.3 | |
Avaya Aura Utility Services | >=6.3<=6.3.14 | |
Avaya Aura Utility Services | >=7.0<=7.0.1.2 | |
Avaya Meeting Exchange | =6.2 | |
Avaya Meeting Exchange | =6.2-sp3 | |
Avaya Message Networking | >=5.2<=6.3 | |
Avaya One-x Client Enablement Services | =6.2 | |
Avaya One-x Client Enablement Services | =6.2-sp1 | |
Avaya One-x Client Enablement Services | =6.2-sp2 | |
Avaya One-x Client Enablement Services | =6.2-sp5 | |
Avaya Proactive Contact | >=5.0<=5.1.2 | |
Avaya Session Border Controller For Enterprise Firmware | >=6.2<=6.3 | |
Avaya Session Border Controller For Enterprise Firmware | >=7.0<=7.1 | |
Avaya Session Border Controller for Enterprise | ||
Avaya Aura System Platform Firmware | >=6.3<=6.4.0 | |
Avaya Aura System Platform |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.