CVE-2016-1950
Summary
| CVE | CVE-2016-1950 |
|---|---|
| State | PUBLISHED |
| Assigner | mozilla |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-03-13 18:59:00 UTC |
| Updated | 2026-05-06 22:30:45 UTC |
| Description | Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate. |
Risk And Classification
Primary CVSS: v3.0 8.8 HIGH from [email protected]
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Problem Types: CWE-119 | n/a
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.0 | [email protected] | Primary | 8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| 2.0 | [email protected] | Primary | 6.8 | | AV:N/AC:M/Au:N/C:P/I:P/A:P |
CVSS v3.0 Breakdown
| Metric | Value |
|---|---|
| Attack Vector | Network |
| Attack Complexity | Low |
| Privileges Required | None |
| User Interaction | Required |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity | High |
| Availability | High |

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0 Breakdown
| Metric | Value |
|---|---|
| Access Vector | Network |
| Access Complexity | Medium |
| Authentication | None |
| Confidentiality | Partial |
| Integrity | Partial |
| Availability | Partial |

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Iphone Os | All | All | All | All |
| Operating System | Apple | Mac Os X | All | All | All | All |
| Operating System | Apple | Tvos | All | All | All | All |
| Operating System | Apple | Watchos | All | All | All | All |
| Application | Mozilla | Firefox | 38.0 | All | All | All |
| Application | Mozilla | Firefox | 38.0.1 | All | All | All |
| Application | Mozilla | Firefox | 38.0.5 | All | All | All |
| Application | Mozilla | Firefox | 38.1.0 | All | All | All |
| Application | Mozilla | Firefox | 38.1.1 | All | All | All |
| Application | Mozilla | Firefox | 38.2.0 | All | All | All |
| Application | Mozilla | Firefox | 38.2.1 | All | All | All |
| Application | Mozilla | Firefox | 38.3.0 | All | All | All |
| Application | Mozilla | Firefox | 38.4.0 | All | All | All |
| Application | Mozilla | Firefox | 38.5.0 | All | All | All |
| Application | Mozilla | Firefox | 38.5.1 | All | All | All |
| Application | Mozilla | Firefox | 38.6.0 | All | All | All |
| Application | Mozilla | Firefox | 38.6.1 | All | All | All |
| Application | Mozilla | Firefox | All | All | All | All |
| Application | Mozilla | Network Security Services | 3.19.2 | All | All | All |
| Application | Mozilla | Network Security Services | 3.20 | All | All | All |
| Application | Mozilla | Network Security Services | 3.20.1 | All | All | All |
| Application | Mozilla | Network Security Services | 3.21 | All | All | All |
| Application | Oracle | Glassfish Server | 2.1.1 | All | All | All |
| Application | Oracle | Iplanet Web Proxy Server | 4.0 | All | All | All |
| Application | Oracle | Iplanet Web Server | 7.0 | All | All | All |
| Operating System | Oracle | Linux | 5.0 | All | All | All |
| Operating System | Oracle | Linux | 6 | All | All | All |
| Operating System | Oracle | Linux | 7 | All | All | All |
| Operating System | Oracle | Vm Server | 3.2 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| USN-2917-3: Firefox regressions \| Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | |
| About the security content of tvOS 9.2 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | Third Party Advisory |
| APPLE-SA-2016-03-21-3 tvOS 9.2 | af854a3a-2127-422b-91ae-364da2661108 | lists.apple.com | Mailing List |
| Broadcom Support Portal | af854a3a-2127-422b-91ae-364da2661108 | bto.bluecoat.com | |
| NSS 3.19.2.3 release notes - Mozilla \| MDN | af854a3a-2127-422b-91ae-364da2661108 | developer.mozilla.org | Release Notes |
| [security-announce] SUSE-SU-2016:0909-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| [security-announce] SUSE-SU-2016:0727-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| Debian -- Security Information -- DSA-3688-1 nss | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | |
| Oracle Critical Patch Update - October 2016 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | Third Party Advisory |
| Oracle VM Server for x86 Bulletin - July 2016 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | Third Party Advisory |
| Debian -- Security Information -- DSA-3510-1 iceweasel | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | |
| APPLE-SA-2016-03-21-1 iOS 9.3 | af854a3a-2127-422b-91ae-364da2661108 | lists.apple.com | Mailing List |
| About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | Third Party Advisory |
| Mozilla Products: Multiple vulnerabilities (GLSA 201605-06) — Gentoo security | af854a3a-2127-422b-91ae-364da2661108 | security.gentoo.org | |
| USN-2917-2: Firefox regressions \| Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | |
| Red Hat Customer Portal | af854a3a-2127-422b-91ae-364da2661108 | rhn.redhat.com | |
| About the security content of watchOS 2.2 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | Third Party Advisory |
| [security-announce] SUSE-SU-2016:0820-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| Debian -- Security Information -- DSA-3520-1 icedove | af854a3a-2127-422b-91ae-364da2661108 | www.debian.org | |
| Buffer overflow during ASN.1 decoding in NSS — Mozilla | af854a3a-2127-422b-91ae-364da2661108 | www.mozilla.org | Vendor Advisory |
| Oracle Critical Patch Update - October 2017 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| USN-2924-1: NSS vulnerability \| Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | |
| [security-announce] openSUSE-SU-2016:0733-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| APPLE-SA-2016-03-21-2 watchOS 2.2 | af854a3a-2127-422b-91ae-364da2661108 | lists.apple.com | Mailing List |
| [security-announce] SUSE-SU-2016:0777-1: important: Security update for | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| Access Denied | af854a3a-2127-422b-91ae-364da2661108 | bugzilla.mozilla.org | Issue Tracking |
| Mozilla Network Security Services CVE-2016-1950 Heap Buffer Overflow Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Oracle Linux Bulletin - January 2016 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | Third Party Advisory |
| NSS 3.21.1 release notes - Mozilla \| MDN | af854a3a-2127-422b-91ae-364da2661108 | developer.mozilla.org | Release Notes |
| Mozilla Firefox Multiple Flaws Let Remote Users Execute Arbitrary Code, Spoof the Address Bar, Overwrite Files, and Deny Service - SecurityTracker | af854a3a-2127-422b-91ae-364da2661108 | www.securitytracker.com | |
| APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 | af854a3a-2127-422b-91ae-364da2661108 | lists.apple.com | Mailing List |
| USN-2917-1: Firefox vulnerabilities \| Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | |
| [security-announce] openSUSE-SU-2016:1557-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | Third Party Advisory |
| Oracle Critical Patch Update - July 2017 | af854a3a-2127-422b-91ae-364da2661108 | www.oracle.com | |
| USN-2934-1: Thunderbird vulnerabilities \| Ubuntu | af854a3a-2127-422b-91ae-364da2661108 | www.ubuntu.com | |
| About the security content of iOS 9.3 - Apple Support | af854a3a-2127-422b-91ae-364da2661108 | support.apple.com | Third Party Advisory |
| [security-announce] openSUSE-SU-2016:0731-1: important: Security update | af854a3a-2127-422b-91ae-364da2661108 | lists.opensuse.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.