CVE-2019-11745: Buffer Overflow
First published: Thu Nov 21 2019(Updated: )
A heap-based buffer overflow was found in the NSC_EncryptUpdate() function in Mozilla nss. A remote attacker could trigger this flaw via SRTP encrypt or decrypt operations, to execute arbitrary code with the permissions of the user running the application (compiled with nss). While the attack complexity is high, the impact to confidentiality, integrity, and availability are high as well.
Credit: security@mozilla.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/nss-softokn | <0:3.44.0-6.el6_10 | 0:3.44.0-6.el6_10 |
| redhat/nss-softokn | <0:3.14.3-23.el6_6 | 0:3.14.3-23.el6_6 |
| redhat/nss | <0:3.44.0-7.el7_7 | 0:3.44.0-7.el7_7 |
| redhat/nss-softokn | <0:3.44.0-8.el7_7 | 0:3.44.0-8.el7_7 |
| redhat/nss-util | <0:3.44.0-4.el7_7 | 0:3.44.0-4.el7_7 |
| redhat/nss-softokn | <0:3.28.3-9.el7_4 | 0:3.28.3-9.el7_4 |
| redhat/nss-softokn | <0:3.36.0-6.el7_5 | 0:3.36.0-6.el7_5 |
| redhat/nss-softokn | <0:3.36.0-6.el7_6 | 0:3.36.0-6.el7_6 |
| redhat/nss | <0:3.44.0-9.el8_1 | 0:3.44.0-9.el8_1 |
| redhat/nss | <0:3.44.0-8.el8_0 | 0:3.44.0-8.el8_0 |
| Mozilla Thunderbird | <68.3 | 68.3 |
| Mozilla Firefox ESR | <68.3 | 68.3 |
| redhat/nss | <3.44.3 | 3.44.3 |
| redhat/nss | <3.47.1 | 3.47.1 |
| Mozilla Firefox | <71 | 71 |
| IBM Cognos Analytics | <=12.0.0-12.0.3 | |
| IBM Cognos Analytics | <=11.2.0-11.2.4 FP4 | |
| Siemens RUGGEDCOM ROX MX5000 | <2.14.0 | 2.14.0 |
| Siemens RUGGEDCOM ROX RX1400 | <2.14.0 | 2.14.0 |
| Siemens RUGGEDCOM ROX RX1500 | <2.14.0 | 2.14.0 |
| RUGGEDCOM ROX RX1501 | <2.14.0 | 2.14.0 |
| Siemens RUGGEDCOM ROX RX1510 | <2.14.0 | 2.14.0 |
| Siemens RUGGEDCOM ROX RX1511 | <2.14.0 | 2.14.0 |
| Siemens RUGGEDCOM ROX RX1512 | <2.14.0 | 2.14.0 |
| Siemens RUGGEDCOM ROX RX500 | <2.14.0 | 2.14.0 |
| debian/nss | 2:3.61-1+deb11u3 2:3.61-1+deb11u4 2:3.87.1-1+deb12u1 2:3.107-1 2:3.108-1 | |
| Mozilla Firefox | <71.0 | |
| Mozilla Firefox ESR | <68.3 | |
| Mozilla Thunderbird | <68.3.0 | |
| openSUSE | =15.1 | |
| Ubuntu | =16.04 | |
| Ubuntu | =18.04 | |
| Ubuntu | =19.10 | |
| Debian | =9.0 | |
| redhat enterprise Linux server aus | =6.6 | |
| All of | ||
| Siemens RUGGEDCOM ROX MX5000RE firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX MX5000 | ||
| All of | ||
| siemens ruggedcom rox rx1400 firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1400 | ||
| All of | ||
| Siemens Ruggedcom ROX RX1500 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1500 | ||
| All of | ||
| Siemens Ruggedcom Rox RX1501 Firmware | <2.14.0 | |
| RUGGEDCOM ROX RX1501 | ||
| All of | ||
| Siemens Ruggedcom ROX RX1510 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1510 | ||
| All of | ||
| Siemens Ruggedcom ROX RX1511 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1511 | ||
| All of | ||
| Siemens Ruggedcom ROX RX1512 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1512 | ||
| All of | ||
| Siemens Ruggedcom ROX RX5000 Firmware | <2.14.0 | |
| Siemens Ruggedcom ROX RX5000 Firmware | ||
| Siemens RUGGEDCOM ROX MX5000RE firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX MX5000 | ||
| siemens ruggedcom rox rx1400 firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1400 | ||
| Siemens Ruggedcom ROX RX1500 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1500 | ||
| Siemens Ruggedcom Rox RX1501 Firmware | <2.14.0 | |
| RUGGEDCOM ROX RX1501 | ||
| Siemens Ruggedcom ROX RX1510 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1510 | ||
| Siemens Ruggedcom ROX RX1511 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1511 | ||
| Siemens Ruggedcom ROX RX1512 Firmware | <2.14.0 | |
| Siemens RUGGEDCOM ROX RX1512 | ||
| Siemens Ruggedcom ROX RX5000 Firmware | <2.14.0 | |
| Siemens Ruggedcom ROX RX5000 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-11745 https://nvd.nist.gov/vuln/detail/CVE-2019-11745 https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.3_release_notes https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47.1_release_notes
- https://bugzilla.redhat.com/show_bug.cgi?id=1774831
- https://access.redhat.com/errata/RHBA-2020:0547
- https://access.redhat.com/errata/RHSA-2019:4152
- https://access.redhat.com/errata/RHSA-2020:0466
- https://access.redhat.com/errata/RHSA-2019:4190
- https://access.redhat.com/errata/RHSA-2020:1345
- https://access.redhat.com/errata/RHSA-2020:1267
- https://access.redhat.com/errata/RHSA-2020:1461
- https://access.redhat.com/errata/RHSA-2019:4114
- https://access.redhat.com/errata/RHSA-2020:0243
- https://access.redhat.com/security/cve/cve-2019-11745
- https://bugzilla.mozilla.org/show_bug.cgi?id=1586176
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/
- https://www.mozilla.org/security/advisories/mfsa2019-36/
- https://www.mozilla.org/security/advisories/mfsa2019-37/
- https://www.mozilla.org/security/advisories/mfsa2019-38/
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00006.html
- https://usn.ubuntu.com/4241-1/
- https://security.gentoo.org/glsa/202003-02
- https://security.gentoo.org/glsa/202003-10
- https://security.gentoo.org/glsa/202003-37
- https://usn.ubuntu.com/4335-1/
- https://lists.debian.org/debian-lts-announce/2020/09/msg00029.html
- https://cert-portal.siemens.com/productcert/pdf/ssa-379803.pdf
- https://us-cert.cisa.gov/ics/advisories/icsa-21-040-04
- https://launchpad.net/bugs/cve/CVE-2019-11745
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/
- https://hg.mozilla.org/releases/mozilla-esr68/rev/ea1bc0fb2dda
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.44.3_release_notes
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.47.1_release_notes
- http://koji.fedoraproject.org/packages/nss/3.47.1/1.fc30
- http://koji.fedoraproject.org/packages/nss/3.47.1/1.fc31
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-11745
- https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-040-04 (Advisory)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11745
- https://nvd.nist.gov/vuln/detail/CVE-2019-11745
- https://security-tracker.debian.org/tracker/CVE-2019-11745
- https://ubuntu.com/security/CVE-2019-11745
- https://hg.mozilla.org/projects/nss/rev/1e22a0c93afe9f46545560c86caedef9dab6cfda
- https://www.ibm.com/support/pages/node/7177223 (Advisory)
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2019-11745?
CVE-2019-11745 is classified as a critical severity vulnerability due to its potential for remote code execution.
How do I fix CVE-2019-11745?
To resolve CVE-2019-11745, update to the patched versions of the affected software, including nss-softokn versions 0:3.44.0-6.el6_10 or later.
What systems are affected by CVE-2019-11745?
CVE-2019-11745 affects various products including Mozilla Firefox, Firefox ESR, Thunderbird, and certain versions of nss and nss-softokn.
What impact does CVE-2019-11745 have?
If exploited, CVE-2019-11745 allows remote attackers to execute arbitrary code with the privileges of the affected application user.
What is the cause of CVE-2019-11745?
CVE-2019-11745 is caused by a heap-based buffer overflow in the NSC_EncryptUpdate() function of Mozilla NSS.
- collector/redhat-cve
- collector/mozilla-advisory
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- source/Mozilla
- agent/software-canonical-lookup
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-11745
- agent/severity
- agent/weakness
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- collector/usn-cve
- source/Ubuntu
- agent/remedy
- agent/description
- agent/event
- collector/ibm-support
- source/IBM
- agent/last-modified-date
- agent/references
- agent/trending
- agent/source
- collector/ics-cert-advisory
- source/ICS
- agent/author
- agent/tags
- collector/security-tracker-debian
- source/Debian
- agent/softwarecombine
- collector/nvd-cve
- source/NVD
- collector/nvd-index
- package-manager/redhat
- vendor/mozilla
- canonical/mozilla thunderbird
- canonical/mozilla firefox esr
- canonical/mozilla firefox
- vendor/ibm
- canonical/ibm cognos analytics
- version/ibm cognos analytics/12.0.0-12.0.3
- version/ibm cognos analytics/11.2.0-11.2.4 fp4
- vendor/siemens
- canonical/siemens ruggedcom rox mx5000
- canonical/siemens ruggedcom rox rx1400
- canonical/siemens ruggedcom rox rx1500
- canonical/ruggedcom rox rx1501
- canonical/siemens ruggedcom rox rx1510
- canonical/siemens ruggedcom rox rx1511
- canonical/siemens ruggedcom rox rx1512
- canonical/siemens ruggedcom rox rx500
- package-manager/debian
- vendor/opensuse
- canonical/opensuse
- version/opensuse/15.1
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/16.04
- version/ubuntu/18.04
- version/ubuntu/19.10
- vendor/debian
- canonical/debian
- version/debian/9.0
- vendor/redhat
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/6.6
- canonical/siemens ruggedcom rox mx5000re firmware
- canonical/siemens ruggedcom rox rx1400 firmware
- canonical/siemens ruggedcom rox rx1500 firmware
- canonical/siemens ruggedcom rox rx1501 firmware
- canonical/siemens ruggedcom rox rx1510 firmware
- canonical/siemens ruggedcom rox rx1511 firmware
- canonical/siemens ruggedcom rox rx1512 firmware
- canonical/siemens ruggedcom rox rx5000 firmware