Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox和Thunderbird 释放后重用漏洞
Vulnerability Description
Mozilla Network Security Services(NSS)是美国Mozilla基金会开发的一个函数库(网络安全服务库),它可跨平台提供SSL、S/MIME和其他Internet安全标准支持。 多款Mozilla产品中使用的NSS中libnss3.so文件的‘CERT_DestroyCertificate’函数存在释放后重用漏洞,该漏洞源于程序从可信域中不正确的移除了NSSCertificate结构。远程攻击者可利用该漏洞执行任意代码。以下版本受到影响:Firefox 30.0及之前版本,
CVSS Information
N/A
Vulnerability Type
N/A