CVE-2013-5605

Summary

CVE	CVE-2013-5605
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2013-11-18 05:23:00 UTC
Updated	2018-10-09 19:34:00 UTC
Description	Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Mozilla	Network Security Services	3.14	All	All	All
Application	Mozilla	Network Security Services	3.14.1	All	All	All
Application	Mozilla	Network Security Services	3.14.2	All	All	All
Application	Mozilla	Network Security Services	3.14.3	All	All	All
Application	Mozilla	Network Security Services	3.14.4	All	All	All
Application	Mozilla	Network Security Services	3.15	All	All	All
Application	Mozilla	Network Security Services	3.15.1	All	All	All
Application	Mozilla	Network Security Services	3.15.2	All	All	All
Application	Mozilla	Network Security Services	3.14	All	All	All
Application	Mozilla	Network Security Services	3.14.1	All	All	All
Application	Mozilla	Network Security Services	3.14.2	All	All	All
Application	Mozilla	Network Security Services	3.14.3	All	All	All
Application	Mozilla	Network Security Services	3.14.4	All	All	All
Application	Mozilla	Network Security Services	3.15	All	All	All
Application	Mozilla	Network Security Services	3.15.1	All	All	All
Application	Mozilla	Network Security Services	3.15.2	All	All	All

References

Reference	Source	Link	Tags
Mozilla Network Security Services CVE-2013-5605 Remote Arbitrary Code Execution Vulnerability	BID	www.securityfocus.com
Access Denied	CONFIRM	bugzilla.mozilla.org
MFSA 2013-103: Miscellaneous Network Security Services (NSS) vulnerabilities	CONFIRM	www.mozilla.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
USN-2032-1: Thunderbird vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
Gentoo Security	GENTOO	security.gentoo.org
VMSA-2014-0012 \| United States	CONFIRM	www.vmware.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
openSUSE-SU-2013:1732-1: moderate: update for mozilla-nss	SUSE	lists.opensuse.org
Oracle Critical Patch Update - January 2015	CONFIRM	www.oracle.com
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities	FULLDISC	seclists.org
Oracle VM Server for x86 Bulletin - July 2016	CONFIRM	www.oracle.com
2016-10 Security Bulletin: CTPView: Multiple vulnerabilities in CTPView - Juniper Networks	CONFIRM	kb.juniper.net
USN-2030-1: NSS vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
Gentoo Linux Documentation -- Mozilla Network Security Service: Multiple vulnerabilities	GENTOO	security.gentoo.org
openSUSE-SU-2013:1730-1: moderate: update for mozilla-nss and mozilla-ns	SUSE	lists.opensuse.org
NSS 3.15.3 release notes - Mozilla \| MDN	CONFIRM	developer.mozilla.org	Patch
NSS 3.14.5 release notes - Mozilla \| MDN	CONFIRM	developer.mozilla.org	Patch
Oracle Critical Patch Update - October 2014	CONFIRM	www.oracle.com
Oracle Critical Patch Update - July 2014	CONFIRM	www.oracle.com
USN-2031-1: Firefox vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
[security-announce] SUSE-SU-2013:1807-1: important: Security update for	SUSE	lists.opensuse.org
SecurityFocus	BUGTRAQ	www.securityfocus.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Debian -- Security Information -- DSA-2800-1 nss	DEBIAN	www.debian.org
Oracle Critical Patch Update - January 2016	CONFIRM	www.oracle.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

390279 Oracle Managed Virtualization (VM) Server for x86 Security Update for nss (OVMSA-2023-0014)