CVE-2013-5606 in Network Security Servicesinformazioni

Riassunto

di MITRE

The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Fonti

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!