Search criteria
6 vulnerabilities found for aura_application_server_5300 by avaya
FKIE_CVE-2016-5285
Vulnerability from fkie_nvd - Published: 2019-11-15 16:15 - Updated: 2024-11-21 02:53
Severity ?
Summary
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AC43A23-2511-42A3-BA33-C6BABE962FB1",
"versionEndExcluding": "3.26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:aura_application_enablement_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D638A011-7DFF-4369-95DB-EE977A9B34DD",
"versionEndIncluding": "6.3.3",
"versionStartIncluding": "6.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_enablement_services:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "00127FED-CA13-44FA-89D5-068A3BFD1782",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:-:*:*:*:*:*:*",
"matchCriteriaId": "3FD52516-C173-4F55-A4F1-11E1623E0430",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3BAF15A8-A2D8-487E-960F-EB10524A49B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10:*:*:*:*:*:*",
"matchCriteriaId": "8EE8624E-3F8F-4AC0-9BC9-5DBF2A3BBA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10.1:*:*:*:*:*:*",
"matchCriteriaId": "3C30F303-BA9F-4934-A358-4EA4C04EB948",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11:*:*:*:*:*:*",
"matchCriteriaId": "D9F3ABDF-6A28-492E-8F6B-53192E7D1917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11.1:*:*:*:*:*:*",
"matchCriteriaId": "5B984320-0031-4CEF-BDE5-5A5E274DEE11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12:*:*:*:*:*:*",
"matchCriteriaId": "DE3EDB11-5831-403F-B6BB-3A84C0943487",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.1:*:*:*:*:*:*",
"matchCriteriaId": "FD108976-1E55-47F6-806B-2F61661CA128",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.2:*:*:*:*:*:*",
"matchCriteriaId": "A789ADCD-3BAF-4EE3-8342-AFBEF026F71B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.3:*:*:*:*:*:*",
"matchCriteriaId": "CADCC5A5-8BE4-41FD-BC8D-81607159998B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.5:*:*:*:*:*:*",
"matchCriteriaId": "0D0E4D1B-CA60-4219-ACD7-97BE0B8E10D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "18C2C82C-E595-4323-88A7-CE5D23E9F6E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "164809B0-EB36-470E-B9B2-75D5B2754600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "2E2F66A4-FB3A-49BB-AD18-5630A057907B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB1E43C1-EF6C-423B-A5D0-32E852E4C358",
"versionEndIncluding": "6.3.117.0",
"versionStartIncluding": "6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_communication_manager:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "2C2E06A0-09B4-40C9-8A62-0EE0BFE1DECA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_communication_manager:7.0:sp:*:*:*:*:*:*",
"matchCriteriaId": "615496B7-5D31-46F5-8795-37ADD595C886",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_communication_manager:7.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "53379B70-20CC-4827-AE6A-A1DFA11B3733",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "03D34DA0-C975-4A13-BD7E-575CCAE390BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D635CBA4-B881-4113-BA27-6D0EE1CF6E39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:breeze_platform:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B33AAA6-8BFD-4398-8DC4-1F7C3B94FDF4",
"versionEndIncluding": "3.2",
"versionStartIncluding": "3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DC0A0C-0FC6-439D-B865-634726034705",
"versionEndIncluding": "18.0.0.2",
"versionStartIncluding": "18.0.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:-:*:*:*:*:*:*",
"matchCriteriaId": "E328FD0E-115F-4092-AE1E-C22B72350B0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r3:*:*:*:*:*:*",
"matchCriteriaId": "349543A5-1FD9-46B4-8EAB-52E524A8DF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r4:*:*:*:*:*:*",
"matchCriteriaId": "8D6AA6F0-7AF5-4CC0-8202-65BA15086BF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r5:*:*:*:*:*:*",
"matchCriteriaId": "A96492BE-C5FC-4936-9B1A-E4675ABB9D79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:call_management_system:17.0:r6:*:*:*:*:*:*",
"matchCriteriaId": "373F0F03-AC30-4D50-B2F5-30DAEF52C8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:iq:5.2.x:*:*:*:*:*:*:*",
"matchCriteriaId": "5C6923AF-6862-4D6C-985A-CF8BF5C3D868",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:avaya:cs1000e_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F339C1D-A2C2-4885-B1C6-76923B09C18C",
"versionEndIncluding": "7.6",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:avaya:cs1000e:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB8A1AD-47C2-44F9-9C84-796FE0168E5A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:avaya:cs1000m_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2139CFD-0302-4281-9D9F-70E7D28B8354",
"versionEndIncluding": "7.6",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:avaya:cs1000m:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDA76EA5-A0AA-4985-9AE5-0C6FA1469E0C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:avaya:cs1000e\\/cs1000m_signaling_server_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53F50E03-897D-45D4-BE6A-3D7B4D0D79F9",
"versionEndIncluding": "7.6",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:avaya:cs1000e\\/cs1000m_signaling_server:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F1690698-8AB7-4129-8935-F08A6D52B559",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5B17F8-B06D-4E95-83F8-AA2AAA90677A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E1A754AC-0023-4A0C-BFFB-6BF7758435B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:-:*:*:*:*:*:*",
"matchCriteriaId": "4FC61B45-0975-4ED1-BD28-BB5EE5F3A51D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "838A248E-F9E2-4016-82C5-6AAEA21B5F0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "A1BB9C6F-0171-41E7-A4FF-CDBCE360EDAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "4C0B69F2-7AB0-4E22-98F4-083E26BDA27B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "5FC7A8E0-5AEF-4FA3-AC1D-63F7F609E781",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp8:*:*:*:*:*:*",
"matchCriteriaId": "DEFC084B-FCC2-438E-B65D-8B139F995551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_conferencing:8.0:sp9:*:*:*:*:*:*",
"matchCriteriaId": "FDD6F033-9716-42FB-9A2F-B08EDAAE1438",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_experience_portal:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E3910F71-B4AE-40CC-9EDC-27160869A4FC",
"versionEndIncluding": "7.1",
"versionStartIncluding": "6.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:ip_office:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "28DCFA27-23EB-4BBE-A020-F1854E4064A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:-:*:*:*:*:*:*",
"matchCriteriaId": "51C14CE3-651D-4503-9711-088B9CF773A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9468982C-DB32-490B-9131-9D35E8339467",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp10:*:*:*:*:*:*",
"matchCriteriaId": "4B490A4A-A837-4CC6-8A44-5A7F03D73619",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp11:*:*:*:*:*:*",
"matchCriteriaId": "C4A09C00-8D54-4674-A1D9-2F5AAD44CDD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp12:*:*:*:*:*:*",
"matchCriteriaId": "67BFAB48-462F-4E95-9619-7A54E4BDF6F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp3:*:*:*:*:*:*",
"matchCriteriaId": "E488E9F3-5329-43F1-AC9D-36760B95C91A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp4:*:*:*:*:*:*",
"matchCriteriaId": "CDD19739-0237-4C6F-9B6C-E47C9053F82A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp5:*:*:*:*:*:*",
"matchCriteriaId": "ACC5B2C8-CA4E-4482-8842-52886C5D5397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp6:*:*:*:*:*:*",
"matchCriteriaId": "09060F4E-DDB3-4C45-B628-6357ED0FA008",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp7:*:*:*:*:*:*",
"matchCriteriaId": "7C6013D3-4D4C-46F8-82E6-271FB44FD126",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp8:*:*:*:*:*:*",
"matchCriteriaId": "B1BED830-57D9-4051-B9D0-4E010AFA7451",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:9.1:sp9:*:*:*:*:*:*",
"matchCriteriaId": "110B4593-6CF2-443B-AC7D-7DA98C44058C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:-:*:*:*:*:*:*",
"matchCriteriaId": "0AF32565-F747-4450-841E-B54E2977BA91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "B86F3D17-7408-4721-9921-3EB702018C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BA3D7B64-7AD6-47D0-846D-A70C2838B653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp3:*:*:*:*:*:*",
"matchCriteriaId": "0EF71DB4-1523-4270-B0D8-0D20A2A6EAE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp4:*:*:*:*:*:*",
"matchCriteriaId": "2E32E623-597A-4931-B7CF-EED6EEBA61DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp5:*:*:*:*:*:*",
"matchCriteriaId": "47898FEC-4BB7-469F-9020-2D9FB1B2C50E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp6:*:*:*:*:*:*",
"matchCriteriaId": "D429B865-B22A-4F9B-922F-D1F817DF1147",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:ip_office:10.0:sp7:*:*:*:*:*:*",
"matchCriteriaId": "AE40493E-ED60-4BFC-9E48-D3148E4D0834",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BF272A94-7530-4DA2-9933-87984366BFAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:-:*:*:*:*:*:*",
"matchCriteriaId": "F428AFF6-9DF7-4B7D-AC2E-8031AEA61F10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp4:*:*:*:*:*:*",
"matchCriteriaId": "7C31ABCE-668E-455A-A3BC-6F42E1E5C973",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp5:*:*:*:*:*:*",
"matchCriteriaId": "C370E9B0-72EB-47E2-8FD9-F6A65ABE26E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp6:*:*:*:*:*:*",
"matchCriteriaId": "834D01F3-8266-4202-BB9A-B2805FE4FEDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_session_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1433DE76-61AC-44FD-A5A4-1747F8F2FEF9",
"versionEndIncluding": "6.3.18",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0:-:*:*:*:*:*:*",
"matchCriteriaId": "AEBC4E93-E283-446B-A928-8B8B51F2C154",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "E88C0156-15E8-4F2F-8015-8ED421874863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0:sp2:*:*:*:*:*:*",
"matchCriteriaId": "BEF48D0A-732F-4C32-A3BB-F0F8A777DC1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "81979E50-603A-4210-9C27-F3B9974DC226",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "822B7EBF-C87D-4247-9F7F-10B94A37EEAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "046A0465-FF7B-4F25-8502-FFD3C6D9D375",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3B532A02-FF99-4102-AB99-4ED89875E436",
"versionEndIncluding": "6.3.18",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA21572A-1848-4B45-88EE-FAA3A13E4B47",
"versionEndIncluding": "7.0.1.3",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B0B3D7C4-968C-4F8D-95A6-FC2BF6DC80EA",
"versionEndIncluding": "6.3.14",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5C4CAB-B2B9-4892-8183-31AC1DB17FA5",
"versionEndIncluding": "7.0.1.2",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:meeting_exchange:6.2:-:*:*:*:*:*:*",
"matchCriteriaId": "88AD2F3E-8B67-4FFF-87F0-6624C7026EBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:meeting_exchange:6.2:sp3:*:*:*:*:*:*",
"matchCriteriaId": "153B3C0F-9FF7-4CC6-BA38-157C66E93410",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B6ADC723-586B-4836-9A39-99DFE46E630D",
"versionEndIncluding": "6.3",
"versionStartIncluding": "5.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:-:*:*:*:*:*:*",
"matchCriteriaId": "D0EBE856-466D-4F6B-A10A-B1DFCD703189",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp1:*:*:*:*:*:*",
"matchCriteriaId": "1CD0A719-AF58-450B-A6D9-D2AEE9DDE409",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp2:*:*:*:*:*:*",
"matchCriteriaId": "A8D3B3F6-EBB2-42DC-8749-EB8C1DF29C95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp5:*:*:*:*:*:*",
"matchCriteriaId": "101133AA-42DF-44E1-A6BC-AA1131EEA2A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:proactive_contact:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E7DEDCFB-3074-4E52-A2D8-0B78B0DBDF85",
"versionEndIncluding": "5.1.2",
"versionStartIncluding": "5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "143AC145-18D3-41B4-9E6F-DC16B94854B1",
"versionEndIncluding": "6.3",
"versionStartIncluding": "6.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9492A764-F772-428F-B81D-90B109829F0C",
"versionEndIncluding": "7.1",
"versionStartIncluding": "7.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:avaya:session_border_controller_for_enterprise:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9EA3E439-6712-4345-A918-A300163CAF94",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:avaya:aura_system_platform_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBD8DDDA-535C-4141-B0E5-2B379FA28AB4",
"versionEndIncluding": "6.4.0",
"versionStartIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:avaya:aura_system_platform:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AC5935AB-8E13-4CD5-8CAE-91A9C5786880",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de desreferencia de puntero nulo en Mozilla Network Security Services debido a una falta de verificaci\u00f3n NULL en PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, lo que podr\u00eda permitir que un usuario malintencionado remoto cause una Denegaci\u00f3n de servicio."
}
],
"id": "CVE-2016-5285",
"lastModified": "2024-11-21T02:53:59.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-15T16:15:10.110",
"references": [
{
"source": "security@mozilla.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"source": "security@mozilla.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"source": "security@mozilla.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"source": "security@mozilla.org",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"source": "security@mozilla.org",
"url": "http://www.securityfocus.com/bid/94349"
},
{
"source": "security@mozilla.org",
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"source": "security@mozilla.org",
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"source": "security@mozilla.org",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
},
{
"source": "security@mozilla.org",
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94349"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-46"
}
],
"sourceIdentifier": "security@mozilla.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-5096
Vulnerability from fkie_nvd - Published: 2012-07-03 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| avaya | aura_application_server_5300 | 1.0 | |
| avaya | aura_application_server_5300 | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ED5A80A1-A5EE-4451-A03F-36C513FBB199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:avaya:aura_application_server_5300:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "143818EF-0E0B-47D5-B19A-759986E01568",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en cstore.exe en Media Application Server (MAS) en Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) v1.x anteriores a v1.0.2 y v2.0 anteriores a Patch Bundle 10, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s del par\u00e1metro cs_anams en un paquete CONTENT_STORE_ADMIN_REQ packet."
}
],
"id": "CVE-2011-5096",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-07-03T21:55:01.317",
"references": [
{
"source": "cve@mitre.org",
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2016-5285 (GCVE-0-2016-5285)
Vulnerability from cvelistv5 – Published: 2019-11-15 15:44 – Updated: 2024-08-06 00:53
VLAI?
Summary
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
Severity ?
No CVSS data available.
CWE
- denial of service
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mozilla | Network Security Services |
Affected:
3.24
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:53:48.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94349"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Network Security Services",
"vendor": "Mozilla",
"versions": [
{
"status": "affected",
"version": "3.24"
}
]
}
],
"datePublic": "2016-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-09T19:53:19",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/94349"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-5285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Network Security Services",
"version": {
"version_data": [
{
"version_value": "3.24"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"name": "http://www.securityfocus.com/bid/94349",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/94349"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"name": "https://security.gentoo.org/glsa/201701-46",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"name": "http://www.ubuntu.com/usn/USN-3163-1",
"refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa137",
"refsource": "MISC",
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2016-5285",
"datePublished": "2019-11-15T15:44:05",
"dateReserved": "2016-06-03T00:00:00",
"dateUpdated": "2024-08-06T00:53:48.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-5096 (GCVE-0-2011-5096)
Vulnerability from cvelistv5 – Published: 2012-07-03 21:00 – Updated: 2024-09-17 00:06
VLAI?
Summary
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:40.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-03T21:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://downloads.avaya.com/css/P8/documents/100146108",
"refsource": "CONFIRM",
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-11-260/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5096",
"datePublished": "2012-07-03T21:00:00Z",
"dateReserved": "2012-07-03T00:00:00Z",
"dateUpdated": "2024-09-17T00:06:20.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5285 (GCVE-0-2016-5285)
Vulnerability from nvd – Published: 2019-11-15 15:44 – Updated: 2024-08-06 00:53
VLAI?
Summary
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
Severity ?
No CVSS data available.
CWE
- denial of service
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Mozilla | Network Security Services |
Affected:
3.24
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:53:48.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94349"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Network Security Services",
"vendor": "Mozilla",
"versions": [
{
"status": "affected",
"version": "3.24"
}
]
}
],
"datePublic": "2016-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-09T19:53:19",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/94349"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2016-5285",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Network Security Services",
"version": {
"version_data": [
{
"version_value": "3.24"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
},
{
"name": "http://www.securityfocus.com/bid/94349",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/94349"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
},
{
"name": "https://security.gentoo.org/glsa/201701-46",
"refsource": "MISC",
"url": "https://security.gentoo.org/glsa/201701-46"
},
{
"name": "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
},
{
"name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
},
{
"name": "http://www.ubuntu.com/usn/USN-3163-1",
"refsource": "MISC",
"url": "http://www.ubuntu.com/usn/USN-3163-1"
},
{
"name": "https://bto.bluecoat.com/security-advisory/sa137",
"refsource": "MISC",
"url": "https://bto.bluecoat.com/security-advisory/sa137"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
"refsource": "CONFIRM",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2016-5285",
"datePublished": "2019-11-15T15:44:05",
"dateReserved": "2016-06-03T00:00:00",
"dateUpdated": "2024-08-06T00:53:48.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-5096 (GCVE-0-2011-5096)
Vulnerability from nvd – Published: 2012-07-03 21:00 – Updated: 2024-09-17 00:06
VLAI?
Summary
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:40.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-03T21:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-5096",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://downloads.avaya.com/css/P8/documents/100146108",
"refsource": "CONFIRM",
"url": "https://downloads.avaya.com/css/P8/documents/100146108"
},
{
"name": "http://zerodayinitiative.com/advisories/ZDI-11-260/",
"refsource": "MISC",
"url": "http://zerodayinitiative.com/advisories/ZDI-11-260/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-5096",
"datePublished": "2012-07-03T21:00:00Z",
"dateReserved": "2012-07-03T00:00:00Z",
"dateUpdated": "2024-09-17T00:06:20.564Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}