Vulnerabilites related to avaya - aura_system_platform_firmware
cve-2016-5285
Vulnerability from cvelistv5
Published
2019-11-15 15:44
Modified
2024-08-06 00:53
Severity ?
Summary
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
Impacted products
Vendor Product Version
Mozilla Network Security Services Version: 3.24
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:53:48.923Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94349",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201701-46",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3163-1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bto.bluecoat.com/security-advisory/sa137",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Network Security Services",
               vendor: "Mozilla",
               versions: [
                  {
                     status: "affected",
                     version: "3.24",
                  },
               ],
            },
         ],
         datePublic: "2016-10-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "denial of service",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-09T19:53:19",
            orgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
            shortName: "mozilla",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.securityfocus.com/bid/94349",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://security.gentoo.org/glsa/201701-46",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.ubuntu.com/usn/USN-3163-1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bto.bluecoat.com/security-advisory/sa137",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@mozilla.org",
               ID: "CVE-2016-5285",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Network Security Services",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "3.24",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Mozilla",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "denial of service",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
                     refsource: "MISC",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
                  },
                  {
                     name: "http://www.securityfocus.com/bid/94349",
                     refsource: "MISC",
                     url: "http://www.securityfocus.com/bid/94349",
                  },
                  {
                     name: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
                     refsource: "MISC",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
                  },
                  {
                     name: "https://security.gentoo.org/glsa/201701-46",
                     refsource: "MISC",
                     url: "https://security.gentoo.org/glsa/201701-46",
                  },
                  {
                     name: "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
                     refsource: "MISC",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
                  },
                  {
                     name: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
                     refsource: "MISC",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
                  },
                  {
                     name: "http://www.ubuntu.com/usn/USN-3163-1",
                     refsource: "MISC",
                     url: "http://www.ubuntu.com/usn/USN-3163-1",
                  },
                  {
                     name: "https://bto.bluecoat.com/security-advisory/sa137",
                     refsource: "MISC",
                     url: "https://bto.bluecoat.com/security-advisory/sa137",
                  },
                  {
                     name: "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
      assignerShortName: "mozilla",
      cveId: "CVE-2016-5285",
      datePublished: "2019-11-15T15:44:05",
      dateReserved: "2016-06-03T00:00:00",
      dateUpdated: "2024-08-06T00:53:48.923Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2019-11-15 16:15
Modified
2024-11-21 02:53
Summary
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
References
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html
security@mozilla.orghttp://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.htmlMailing List, Third Party Advisory
security@mozilla.orghttp://rhn.redhat.com/errata/RHSA-2016-2779.html
security@mozilla.orghttp://www.securityfocus.com/bid/94349
security@mozilla.orghttp://www.ubuntu.com/usn/USN-3163-1
security@mozilla.orghttps://bto.bluecoat.com/security-advisory/sa137
security@mozilla.orghttps://bugzilla.mozilla.org/show_bug.cgi?id=1306103
security@mozilla.orghttps://security.gentoo.org/glsa/201701-46
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-2779.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/94349
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-3163-1
af854a3a-2127-422b-91ae-364da2661108https://bto.bluecoat.com/security-advisory/sa137
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.mozilla.org/show_bug.cgi?id=1306103
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201701-46
Impacted products
Vendor Product Version
mozilla nss *
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
redhat enterprise_linux 5.0
redhat enterprise_linux 6.0
redhat enterprise_linux 7.0
suse linux_enterprise_server 11
avaya aura_application_enablement_services *
avaya aura_application_enablement_services 7.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_application_server_5300 3.0
avaya aura_communication_manager *
avaya aura_communication_manager 7.0
avaya aura_communication_manager 7.0
avaya aura_communication_manager 7.0
avaya aura_communication_manager_messagint 7.0
avaya aura_communication_manager_messagint 7.0
avaya breeze_platform *
avaya call_management_system *
avaya call_management_system 17.0
avaya call_management_system 17.0
avaya call_management_system 17.0
avaya call_management_system 17.0
avaya call_management_system 17.0
avaya iq 5.2.x
avaya cs1000e_firmware *
avaya cs1000e -
avaya cs1000m_firmware *
avaya cs1000m -
avaya cs1000e\/cs1000m_signaling_server_firmware *
avaya cs1000e\/cs1000m_signaling_server -
avaya aura_conferencing 7.0
avaya aura_conferencing 7.2
avaya aura_conferencing 8.0
avaya aura_conferencing 8.0
avaya aura_conferencing 8.0
avaya aura_conferencing 8.0
avaya aura_conferencing 8.0
avaya aura_conferencing 8.0
avaya aura_conferencing 8.0
avaya aura_experience_portal *
avaya ip_office 8.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 9.1
avaya ip_office 10.0
avaya ip_office 10.0
avaya ip_office 10.0
avaya ip_office 10.0
avaya ip_office 10.0
avaya ip_office 10.0
avaya ip_office 10.0
avaya ip_office 10.0
avaya aura_messaging 6.3
avaya aura_messaging 6.3.3
avaya aura_messaging 6.3.3
avaya aura_messaging 6.3.3
avaya aura_messaging 6.3.3
avaya aura_session_manager *
avaya aura_session_manager 7.0
avaya aura_session_manager 7.0
avaya aura_session_manager 7.0
avaya aura_session_manager 7.0.1
avaya aura_session_manager 7.0.1
avaya aura_session_manager 7.0.1
avaya aura_system_manager *
avaya aura_system_manager *
avaya aura_utility_services *
avaya aura_utility_services *
avaya meeting_exchange 6.2
avaya meeting_exchange 6.2
avaya message_networking *
avaya one-x_client_enablement_services 6.2
avaya one-x_client_enablement_services 6.2
avaya one-x_client_enablement_services 6.2
avaya one-x_client_enablement_services 6.2
avaya proactive_contact *
avaya session_border_controller_for_enterprise_firmware *
avaya session_border_controller_for_enterprise_firmware *
avaya session_border_controller_for_enterprise -
avaya aura_system_platform_firmware *
avaya aura_system_platform -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2AC43A23-2511-42A3-BA33-C6BABE962FB1",
                     versionEndExcluding: "3.26",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
                     matchCriteriaId: "CB6476C7-03F2-4939-AB85-69AA524516D9",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_enablement_services:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D638A011-7DFF-4369-95DB-EE977A9B34DD",
                     versionEndIncluding: "6.3.3",
                     versionStartIncluding: "6.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_enablement_services:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "00127FED-CA13-44FA-89D5-068A3BFD1782",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "3FD52516-C173-4F55-A4F1-11E1623E0430",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "3BAF15A8-A2D8-487E-960F-EB10524A49B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10:*:*:*:*:*:*",
                     matchCriteriaId: "8EE8624E-3F8F-4AC0-9BC9-5DBF2A3BBA83",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10.1:*:*:*:*:*:*",
                     matchCriteriaId: "3C30F303-BA9F-4934-A358-4EA4C04EB948",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11:*:*:*:*:*:*",
                     matchCriteriaId: "D9F3ABDF-6A28-492E-8F6B-53192E7D1917",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11.1:*:*:*:*:*:*",
                     matchCriteriaId: "5B984320-0031-4CEF-BDE5-5A5E274DEE11",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12:*:*:*:*:*:*",
                     matchCriteriaId: "DE3EDB11-5831-403F-B6BB-3A84C0943487",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.1:*:*:*:*:*:*",
                     matchCriteriaId: "FD108976-1E55-47F6-806B-2F61661CA128",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.2:*:*:*:*:*:*",
                     matchCriteriaId: "A789ADCD-3BAF-4EE3-8342-AFBEF026F71B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.3:*:*:*:*:*:*",
                     matchCriteriaId: "CADCC5A5-8BE4-41FD-BC8D-81607159998B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.5:*:*:*:*:*:*",
                     matchCriteriaId: "0D0E4D1B-CA60-4219-ACD7-97BE0B8E10D3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp3:*:*:*:*:*:*",
                     matchCriteriaId: "18C2C82C-E595-4323-88A7-CE5D23E9F6E3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp5:*:*:*:*:*:*",
                     matchCriteriaId: "164809B0-EB36-470E-B9B2-75D5B2754600",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp7:*:*:*:*:*:*",
                     matchCriteriaId: "2E2F66A4-FB3A-49BB-AD18-5630A057907B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CB1E43C1-EF6C-423B-A5D0-32E852E4C358",
                     versionEndIncluding: "6.3.117.0",
                     versionStartIncluding: "6.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_communication_manager:7.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "2C2E06A0-09B4-40C9-8A62-0EE0BFE1DECA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_communication_manager:7.0:sp:*:*:*:*:*:*",
                     matchCriteriaId: "615496B7-5D31-46F5-8795-37ADD595C886",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_communication_manager:7.0:sp3:*:*:*:*:*:*",
                     matchCriteriaId: "53379B70-20CC-4827-AE6A-A1DFA11B3733",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "03D34DA0-C975-4A13-BD7E-575CCAE390BC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "D635CBA4-B881-4113-BA27-6D0EE1CF6E39",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:breeze_platform:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8B33AAA6-8BFD-4398-8DC4-1F7C3B94FDF4",
                     versionEndIncluding: "3.2",
                     versionStartIncluding: "3.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6DC0A0C-0FC6-439D-B865-634726034705",
                     versionEndIncluding: "18.0.0.2",
                     versionStartIncluding: "18.0.0.1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:call_management_system:17.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "E328FD0E-115F-4092-AE1E-C22B72350B0A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:call_management_system:17.0:r3:*:*:*:*:*:*",
                     matchCriteriaId: "349543A5-1FD9-46B4-8EAB-52E524A8DF0B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:call_management_system:17.0:r4:*:*:*:*:*:*",
                     matchCriteriaId: "8D6AA6F0-7AF5-4CC0-8202-65BA15086BF0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:call_management_system:17.0:r5:*:*:*:*:*:*",
                     matchCriteriaId: "A96492BE-C5FC-4936-9B1A-E4675ABB9D79",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:call_management_system:17.0:r6:*:*:*:*:*:*",
                     matchCriteriaId: "373F0F03-AC30-4D50-B2F5-30DAEF52C8B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:iq:5.2.x:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C6923AF-6862-4D6C-985A-CF8BF5C3D868",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:avaya:cs1000e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F339C1D-A2C2-4885-B1C6-76923B09C18C",
                     versionEndIncluding: "7.6",
                     versionStartIncluding: "7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:avaya:cs1000e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EAB8A1AD-47C2-44F9-9C84-796FE0168E5A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:avaya:cs1000m_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2139CFD-0302-4281-9D9F-70E7D28B8354",
                     versionEndIncluding: "7.6",
                     versionStartIncluding: "7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:avaya:cs1000m:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDA76EA5-A0AA-4985-9AE5-0C6FA1469E0C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:avaya:cs1000e\\/cs1000m_signaling_server_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "53F50E03-897D-45D4-BE6A-3D7B4D0D79F9",
                     versionEndIncluding: "7.6",
                     versionStartIncluding: "7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:avaya:cs1000e\\/cs1000m_signaling_server:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1690698-8AB7-4129-8935-F08A6D52B559",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A5B17F8-B06D-4E95-83F8-AA2AAA90677A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:7.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1A754AC-0023-4A0C-BFFB-6BF7758435B0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:8.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "4FC61B45-0975-4ED1-BD28-BB5EE5F3A51D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:8.0:sp2:*:*:*:*:*:*",
                     matchCriteriaId: "838A248E-F9E2-4016-82C5-6AAEA21B5F0F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:8.0:sp4:*:*:*:*:*:*",
                     matchCriteriaId: "A1BB9C6F-0171-41E7-A4FF-CDBCE360EDAE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:8.0:sp5:*:*:*:*:*:*",
                     matchCriteriaId: "4C0B69F2-7AB0-4E22-98F4-083E26BDA27B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:8.0:sp7:*:*:*:*:*:*",
                     matchCriteriaId: "5FC7A8E0-5AEF-4FA3-AC1D-63F7F609E781",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:8.0:sp8:*:*:*:*:*:*",
                     matchCriteriaId: "DEFC084B-FCC2-438E-B65D-8B139F995551",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_conferencing:8.0:sp9:*:*:*:*:*:*",
                     matchCriteriaId: "FDD6F033-9716-42FB-9A2F-B08EDAAE1438",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_experience_portal:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3910F71-B4AE-40CC-9EDC-27160869A4FC",
                     versionEndIncluding: "7.1",
                     versionStartIncluding: "6.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "28DCFA27-23EB-4BBE-A020-F1854E4064A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "51C14CE3-651D-4503-9711-088B9CF773A0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "9468982C-DB32-490B-9131-9D35E8339467",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp10:*:*:*:*:*:*",
                     matchCriteriaId: "4B490A4A-A837-4CC6-8A44-5A7F03D73619",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp11:*:*:*:*:*:*",
                     matchCriteriaId: "C4A09C00-8D54-4674-A1D9-2F5AAD44CDD6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp12:*:*:*:*:*:*",
                     matchCriteriaId: "67BFAB48-462F-4E95-9619-7A54E4BDF6F1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp3:*:*:*:*:*:*",
                     matchCriteriaId: "E488E9F3-5329-43F1-AC9D-36760B95C91A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp4:*:*:*:*:*:*",
                     matchCriteriaId: "CDD19739-0237-4C6F-9B6C-E47C9053F82A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp5:*:*:*:*:*:*",
                     matchCriteriaId: "ACC5B2C8-CA4E-4482-8842-52886C5D5397",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp6:*:*:*:*:*:*",
                     matchCriteriaId: "09060F4E-DDB3-4C45-B628-6357ED0FA008",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp7:*:*:*:*:*:*",
                     matchCriteriaId: "7C6013D3-4D4C-46F8-82E6-271FB44FD126",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp8:*:*:*:*:*:*",
                     matchCriteriaId: "B1BED830-57D9-4051-B9D0-4E010AFA7451",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:9.1:sp9:*:*:*:*:*:*",
                     matchCriteriaId: "110B4593-6CF2-443B-AC7D-7DA98C44058C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "0AF32565-F747-4450-841E-B54E2977BA91",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "B86F3D17-7408-4721-9921-3EB702018C6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:sp2:*:*:*:*:*:*",
                     matchCriteriaId: "BA3D7B64-7AD6-47D0-846D-A70C2838B653",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:sp3:*:*:*:*:*:*",
                     matchCriteriaId: "0EF71DB4-1523-4270-B0D8-0D20A2A6EAE8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:sp4:*:*:*:*:*:*",
                     matchCriteriaId: "2E32E623-597A-4931-B7CF-EED6EEBA61DF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:sp5:*:*:*:*:*:*",
                     matchCriteriaId: "47898FEC-4BB7-469F-9020-2D9FB1B2C50E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:sp6:*:*:*:*:*:*",
                     matchCriteriaId: "D429B865-B22A-4F9B-922F-D1F817DF1147",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:ip_office:10.0:sp7:*:*:*:*:*:*",
                     matchCriteriaId: "AE40493E-ED60-4BFC-9E48-D3148E4D0834",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:avaya:aura_messaging:6.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "BF272A94-7530-4DA2-9933-87984366BFAA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_messaging:6.3.3:-:*:*:*:*:*:*",
                     matchCriteriaId: "F428AFF6-9DF7-4B7D-AC2E-8031AEA61F10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp4:*:*:*:*:*:*",
                     matchCriteriaId: "7C31ABCE-668E-455A-A3BC-6F42E1E5C973",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp5:*:*:*:*:*:*",
                     matchCriteriaId: "C370E9B0-72EB-47E2-8FD9-F6A65ABE26E2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_messaging:6.3.3:sp6:*:*:*:*:*:*",
                     matchCriteriaId: "834D01F3-8266-4202-BB9A-B2805FE4FEDA",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_session_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1433DE76-61AC-44FD-A5A4-1747F8F2FEF9",
                     versionEndIncluding: "6.3.18",
                     versionStartIncluding: "6.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_session_manager:7.0:-:*:*:*:*:*:*",
                     matchCriteriaId: "AEBC4E93-E283-446B-A928-8B8B51F2C154",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_session_manager:7.0:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "E88C0156-15E8-4F2F-8015-8ED421874863",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_session_manager:7.0:sp2:*:*:*:*:*:*",
                     matchCriteriaId: "BEF48D0A-732F-4C32-A3BB-F0F8A777DC1D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_session_manager:7.0.1:-:*:*:*:*:*:*",
                     matchCriteriaId: "81979E50-603A-4210-9C27-F3B9974DC226",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "822B7EBF-C87D-4247-9F7F-10B94A37EEAC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp2:*:*:*:*:*:*",
                     matchCriteriaId: "046A0465-FF7B-4F25-8502-FFD3C6D9D375",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B532A02-FF99-4102-AB99-4ED89875E436",
                     versionEndIncluding: "6.3.18",
                     versionStartIncluding: "6.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA21572A-1848-4B45-88EE-FAA3A13E4B47",
                     versionEndIncluding: "7.0.1.3",
                     versionStartIncluding: "7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0B3D7C4-968C-4F8D-95A6-FC2BF6DC80EA",
                     versionEndIncluding: "6.3.14",
                     versionStartIncluding: "6.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8A5C4CAB-B2B9-4892-8183-31AC1DB17FA5",
                     versionEndIncluding: "7.0.1.2",
                     versionStartIncluding: "7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:meeting_exchange:6.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "88AD2F3E-8B67-4FFF-87F0-6624C7026EBB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:meeting_exchange:6.2:sp3:*:*:*:*:*:*",
                     matchCriteriaId: "153B3C0F-9FF7-4CC6-BA38-157C66E93410",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6ADC723-586B-4836-9A39-99DFE46E630D",
                     versionEndIncluding: "6.3",
                     versionStartIncluding: "5.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:-:*:*:*:*:*:*",
                     matchCriteriaId: "D0EBE856-466D-4F6B-A10A-B1DFCD703189",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp1:*:*:*:*:*:*",
                     matchCriteriaId: "1CD0A719-AF58-450B-A6D9-D2AEE9DDE409",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp2:*:*:*:*:*:*",
                     matchCriteriaId: "A8D3B3F6-EBB2-42DC-8749-EB8C1DF29C95",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp5:*:*:*:*:*:*",
                     matchCriteriaId: "101133AA-42DF-44E1-A6BC-AA1131EEA2A2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:avaya:proactive_contact:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7DEDCFB-3074-4E52-A2D8-0B78B0DBDF85",
                     versionEndIncluding: "5.1.2",
                     versionStartIncluding: "5.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "143AC145-18D3-41B4-9E6F-DC16B94854B1",
                     versionEndIncluding: "6.3",
                     versionStartIncluding: "6.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9492A764-F772-428F-B81D-90B109829F0C",
                     versionEndIncluding: "7.1",
                     versionStartIncluding: "7.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:avaya:session_border_controller_for_enterprise:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9EA3E439-6712-4345-A918-A300163CAF94",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:avaya:aura_system_platform_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FBD8DDDA-535C-4141-B0E5-2B379FA28AB4",
                     versionEndIncluding: "6.4.0",
                     versionStartIncluding: "6.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:avaya:aura_system_platform:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC5935AB-8E13-4CD5-8CAE-91A9C5786880",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.",
      },
      {
         lang: "es",
         value: "Existe una vulnerabilidad de desreferencia de puntero nulo en Mozilla Network Security Services debido a una falta de verificación NULL en PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, lo que podría permitir que un usuario malintencionado remoto cause una Denegación de servicio.",
      },
   ],
   id: "CVE-2016-5285",
   lastModified: "2024-11-21T02:53:59.990",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 5,
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "HIGH",
               baseScore: 7.5,
               baseSeverity: "HIGH",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
               version: "3.1",
            },
            exploitabilityScore: 3.9,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-11-15T16:15:10.110",
   references: [
      {
         source: "security@mozilla.org",
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
      },
      {
         source: "security@mozilla.org",
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
      },
      {
         source: "security@mozilla.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
      },
      {
         source: "security@mozilla.org",
         url: "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
      },
      {
         source: "security@mozilla.org",
         url: "http://www.securityfocus.com/bid/94349",
      },
      {
         source: "security@mozilla.org",
         url: "http://www.ubuntu.com/usn/USN-3163-1",
      },
      {
         source: "security@mozilla.org",
         url: "https://bto.bluecoat.com/security-advisory/sa137",
      },
      {
         source: "security@mozilla.org",
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
      },
      {
         source: "security@mozilla.org",
         url: "https://security.gentoo.org/glsa/201701-46",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/94349",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.ubuntu.com/usn/USN-3163-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bto.bluecoat.com/security-advisory/sa137",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://security.gentoo.org/glsa/201701-46",
      },
   ],
   sourceIdentifier: "security@mozilla.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-476",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}