Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0441

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-0441
Last Modified 10 Oct 2014 12:48:09
Published 05 Jun 2012 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-0441

Summary

The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response.

Vulnerable Systems

Application

  • Mozilla Firefox 10.0

  • Mozilla Firefox 10.0.1

  • Mozilla Firefox 10.0.2

  • Mozilla Firefox 11.0

  • Mozilla Firefox 12.0

  • Mozilla Firefox 4.0

  • Mozilla Firefox 4.0.1

  • Mozilla Firefox 5.0

  • Mozilla Firefox 5.0.1

  • Mozilla Firefox 6.0

  • Mozilla Firefox 6.0.1

  • Mozilla Firefox 6.0.2

  • Mozilla Firefox 7.0

  • Mozilla Firefox 7.0.1

  • Mozilla Firefox 8.0

  • Mozilla Firefox 8.0.1

  • Mozilla Firefox 9.0

  • Mozilla Firefox 9.0.1

  • Mozilla Firefox Esr 10.0

  • Mozilla Firefox Esr 10.0.1

  • Mozilla Firefox Esr 10.0.2

  • Mozilla Firefox Esr 10.0.3

  • Mozilla Firefox Esr 10.0.4

  • Mozilla Network Security Services 3.11.2

  • Mozilla Network Security Services 3.11.3

  • Mozilla Network Security Services 3.11.4

  • Mozilla Network Security Services 3.11.5

  • Mozilla Network Security Services 3.12

  • Mozilla Network Security Services 3.12.1

  • Mozilla Network Security Services 3.12.2

  • Mozilla Network Security Services 3.12.3

  • Mozilla Network Security Services 3.2

  • Mozilla Network Security Services 3.2.1

  • Mozilla Network Security Services 3.3

  • Mozilla Network Security Services 3.3.1

  • Mozilla Network Security Services 3.3.2

  • Mozilla Network Security Services 3.4

  • Mozilla Network Security Services 3.4.1

  • Mozilla Network Security Services 3.4.2

  • Mozilla Network Security Services 3.5

  • Mozilla Network Security Services 3.6

  • Mozilla Network Security Services 3.6.1

  • Mozilla Network Security Services 3.7

  • Mozilla Network Security Services 3.7.1

  • Mozilla Network Security Services 3.7.2

  • Mozilla Network Security Services 3.7.3

  • Mozilla Network Security Services 3.7.5

  • Mozilla Network Security Services 3.7.7

  • Mozilla Network Security Services 3.8

  • Mozilla Network Security Services 3.9

  • Mozilla Seamonkey 1.0

  • Mozilla Seamonkey 1.0.1

  • Mozilla Seamonkey 1.0.2

  • Mozilla Seamonkey 1.0.3

  • Mozilla Seamonkey 1.0.4

  • Mozilla Seamonkey 1.0.5

  • Mozilla Seamonkey 1.0.6

  • Mozilla Seamonkey 1.0.7

  • Mozilla Seamonkey 1.0.8

  • Mozilla Seamonkey 1.0.9

  • Mozilla Seamonkey 1.1

  • Mozilla Seamonkey 1.1.1

  • Mozilla Seamonkey 1.1.10

  • Mozilla Seamonkey 1.1.11

  • Mozilla Seamonkey 1.1.12

  • Mozilla Seamonkey 1.1.13

  • Mozilla Seamonkey 1.1.14

  • Mozilla Seamonkey 1.1.15

  • Mozilla Seamonkey 1.1.16

  • Mozilla Seamonkey 1.1.17

  • Mozilla Seamonkey 1.1.18

  • Mozilla Seamonkey 1.1.19

  • Mozilla Seamonkey 1.1.2

  • Mozilla Seamonkey 1.1.3

  • Mozilla Seamonkey 1.1.4

  • Mozilla Seamonkey 1.1.5

  • Mozilla Seamonkey 1.1.6

  • Mozilla Seamonkey 1.1.7

  • Mozilla Seamonkey 1.1.8

  • Mozilla Seamonkey 1.1.9

  • Mozilla Seamonkey 1.5.0.10

  • Mozilla Seamonkey 1.5.0.8

  • Mozilla Seamonkey 1.5.0.9

  • Mozilla Seamonkey 2.0

  • Mozilla Seamonkey 2.0.1

  • Mozilla Seamonkey 2.0.10

  • Mozilla Seamonkey 2.0.11

  • Mozilla Seamonkey 2.0.12

  • Mozilla Seamonkey 2.0.13

  • Mozilla Seamonkey 2.0.14

  • Mozilla Seamonkey 2.0.2

  • Mozilla Seamonkey 2.0.3

  • Mozilla Seamonkey 2.0.4

  • Mozilla Seamonkey 2.0.5

  • Mozilla Seamonkey 2.0.6

  • Mozilla Seamonkey 2.0.7

  • Mozilla Seamonkey 2.0.8

  • Mozilla Seamonkey 2.0.9

  • Mozilla Seamonkey 2.1

  • Mozilla Seamonkey 2.2

  • Mozilla Seamonkey 2.3

  • Mozilla Seamonkey 2.3.1

  • Mozilla Seamonkey 2.3.2

  • Mozilla Seamonkey 2.3.3

  • Mozilla Seamonkey 2.4

  • Mozilla Seamonkey 2.4.1

  • Mozilla Seamonkey 2.5

  • Mozilla Seamonkey 2.6

  • Mozilla Seamonkey 2.6.1

  • Mozilla Seamonkey 2.7

  • Mozilla Seamonkey 2.7.1

  • Mozilla Seamonkey 2.7.2

  • Mozilla Seamonkey 2.8

  • Mozilla Seamonkey 2.9

  • Mozilla Thunderbird 10.0

  • Mozilla Thunderbird 10.0.1

  • Mozilla Thunderbird 10.0.2

  • Mozilla Thunderbird 10.0.3

  • Mozilla Thunderbird 10.0.4

  • Mozilla Thunderbird 11.0

  • Mozilla Thunderbird 12.0

  • Mozilla Thunderbird 5.0

  • Mozilla Thunderbird 6.0

  • Mozilla Thunderbird 6.0.1

  • Mozilla Thunderbird 6.0.2

  • Mozilla Thunderbird 7.0

  • Mozilla Thunderbird 7.0.1

  • Mozilla Thunderbird 8.0

  • Mozilla Thunderbird 9.0

  • Mozilla Thunderbird 9.0.1

  • Mozilla Thunderbird Esr 10.0

  • Mozilla Thunderbird Esr 10.0.1

  • Mozilla Thunderbird Esr 10.0.2

  • Mozilla Thunderbird Esr 10.0.3

  • Mozilla Thunderbird Esr 10.0.4


References

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=715073

CONFIRM - http://www.mozilla.org/security/announce/2012/mfsa2012-39.html

UBUNTU - USN-1540-2

UBUNTU - USN-1540-1

BID - 53798

SECUNIA - 50316

SECUNIA - 49976

Related Patches

Red Hat 2012:1090-01 RHSA Moderate: nss and nspr security, bug fix, and enhancement update for RHEL 5 x86

Red Hat 2012:1090-01 RHSA Moderate: nss and nspr security, bug fix, and enhancement update for RHEL 5 x86_64

Novell SUSE 2012:6425 MozillaFirefox security update for SLE 11 SP1 i586

Novell SUSE 2012:6425 MozillaFirefox security update for SLE 11 SP1 x86_64

Novell SUSE 2012:8189 MozillaFirefox security update for SLE 10 SP4 i586

Novell SUSE 2012:8189 MozillaFirefox security update for SLE 10 SP4 x86_64

Mozilla Firefox ESR 10.0.5 for Mac OS X (Update) (See Note)

Mozilla Firefox 13.0 for Mac OS X (Update) (See Note)

Mozilla Firefox (en-us) 13.0 for Windows (Update) (See Notes)

Mozilla Firefox 13.0.1 for Mac OS X (Update) (See Note)

Mozilla Firefox (en-us) 13.0.1 for Windows (Update) (See Notes)

Mozilla Firefox ESR (en-us) 10.0.5 for Windows (Update) (See Notes)


Last Updated: 27 May 2016 10:57:32