First published: Mon Apr 29 2019(Updated: )
In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.
Credit: security@mozilla.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/nss | <3.44 | 3.44 |
Siemens RUGGEDCOM ROX MX5000 | <2.14.0 | 2.14.0 |
Siemens RUGGEDCOM ROX RX1400 | <2.14.0 | 2.14.0 |
Siemens RUGGEDCOM ROX RX1500 | <2.14.0 | 2.14.0 |
Siemens RUGGEDCOM ROX RX1501 | <2.14.0 | 2.14.0 |
Siemens RUGGEDCOM ROX RX1510 | <2.14.0 | 2.14.0 |
Siemens RUGGEDCOM ROX RX1511 | <2.14.0 | 2.14.0 |
Siemens RUGGEDCOM ROX RX500 | <2.14.0 | 2.14.0 |
Mozilla Network Security Services | <3.44 | |
Siemens Ruggedcom Rox Mx5000 Firmware | <2.14.0 | |
Siemens RUGGEDCOM ROX MX5000 | ||
Siemens Ruggedcom Rox Rx1400 Firmware | <2.14.0 | |
Siemens RUGGEDCOM ROX RX1400 | ||
Siemens Ruggedcom Rox Rx1500 Firmware | <2.14.0 | |
Siemens RUGGEDCOM ROX RX1500 | ||
Siemens Ruggedcom Rox Rx1501 Firmware | <2.14.0 | |
Siemens RUGGEDCOM ROX RX1501 | ||
Siemens Ruggedcom Rox Rx1510 Firmware | <2.14.0 | |
Siemens RUGGEDCOM ROX RX1510 | ||
Siemens Ruggedcom Rox Rx1511 Firmware | <2.14.0 | |
Siemens RUGGEDCOM ROX RX1511 | ||
Siemens Ruggedcom Rox Rx1512 Firmware | <2.14.0 | |
Siemens RUGGEDCOM ROX RX1512 | ||
Siemens Ruggedcom Rox Rx5000 Firmware | <2.14.0 | |
Siemens Ruggedcom Rox Rx5000 | ||
IBM Cognos Analytics | <=12.0.0-12.0.3 | |
IBM Cognos Analytics | <=11.2.0-11.2.4 FP4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-17007 is a vulnerability in Network Security Services (NSS) before version 3.44.
CVE-2019-17007 can cause NSS to crash, resulting in a denial of service.
The severity of CVE-2019-17007 is high, with a CVSS score of 7.5.
To fix CVE-2019-17007, update Network Security Services (NSS) to version 3.44 or later.
You can find more information about CVE-2019-17007 on the following references: 1. [Chromium Project Zero](https://bugs.chromium.org/p/project-zero/issues/detail?id=1798) 2. [Red Hat Bugzilla](https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1703987) 3. [Mozilla NSS Repository](https://hg.mozilla.org/projects/nss/rev/1473dd7efe2ce4f8722a33ebb03a3425e09887de)