|Bugzilla:||1012740: CVE-2013-1739 nss: Avoid uninitialized data read in the event of a decryption failure|
The MITRE CVE dictionary describes this issue as:
Mozilla Network Security Services (NSS) before 3.15.2 does not ensure that data structures are initialized before read operations, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger a decryption failure.
This issue affects the version of nss as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw.
CVSS v2 metrics
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
Red Hat security errata
|Red Hat Enterprise Linux version 5||RHSA-2013:1791||December 05, 2013|
|Red Hat Enterprise Linux version 6||RHSA-2013:1829||December 12, 2013|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.