Mozilla Network Security Services Library Remote Heap Overflow Vulnerability

NSS is prone to a remote heap-overflow vulnerability because it fails to perform sufficient boundary checks. Successful exploits may allow arbitrary code to run and may grant the attacker unauthorized access to a vulnerable computer.

The NSS library is commonly used by Netscape Enterprise Server and Sun One/iPlanet servers. The SSLv2 protocol is not enabled by default on these servers. Other products may be affected as well.


Privacy Statement
Copyright 2010, SecurityFocus