Bugzilla – Bug 970257
VUL-0: CVE-2016-1950: mozilla-nss: Heap buffer overflow vulnerability in ASN1 certificate parsing (MFSA 2016-35)
Last modified: 2019-05-01 17:05:32 UTC
A heap-based buffer overflow was found in the ASN.1 parsing code of NSS. A remote attacker could create a specially-crafted certificate, which when parsed by NSS, could the application linked with NSS to crash or potentially execute code with the permission of the user running such an application.
Applications such as web browsers which parse untrusted web content are specially vulnerable to this issue.
updates were tracked in bug 969894
*** This bug has been marked as a duplicate of bug 969894 ***