CVE-2016-5285
Vulnerability from cvelistv5
Published
2019-11-15 15:44
Modified
2024-08-06 00:53
Severity ?
Summary
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:53:48.923Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94349"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201701-46"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3163-1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bto.bluecoat.com/security-advisory/sa137"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Network Security Services",
          "vendor": "Mozilla",
          "versions": [
            {
              "status": "affected",
              "version": "3.24"
            }
          ]
        }
      ],
      "datePublic": "2016-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "denial of service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-09T19:53:19",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/bid/94349"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.gentoo.org/glsa/201701-46"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3163-1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bto.bluecoat.com/security-advisory/sa137"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@mozilla.org",
          "ID": "CVE-2016-5285",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Network Security Services",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.24"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Mozilla"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "denial of service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html",
              "refsource": "MISC",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html"
            },
            {
              "name": "http://www.securityfocus.com/bid/94349",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/bid/94349"
            },
            {
              "name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html",
              "refsource": "MISC",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html"
            },
            {
              "name": "https://security.gentoo.org/glsa/201701-46",
              "refsource": "MISC",
              "url": "https://security.gentoo.org/glsa/201701-46"
            },
            {
              "name": "http://rhn.redhat.com/errata/RHSA-2016-2779.html",
              "refsource": "MISC",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-2779.html"
            },
            {
              "name": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html",
              "refsource": "MISC",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html"
            },
            {
              "name": "http://www.ubuntu.com/usn/USN-3163-1",
              "refsource": "MISC",
              "url": "http://www.ubuntu.com/usn/USN-3163-1"
            },
            {
              "name": "https://bto.bluecoat.com/security-advisory/sa137",
              "refsource": "MISC",
              "url": "https://bto.bluecoat.com/security-advisory/sa137"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1306103"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2016-5285",
    "datePublished": "2019-11-15T15:44:05",
    "dateReserved": "2016-06-03T00:00:00",
    "dateUpdated": "2024-08-06T00:53:48.923Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-5285\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2019-11-15T16:15:10.110\",\"lastModified\":\"2020-01-09T20:15:10.723\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de desreferencia de puntero nulo en Mozilla Network Security Services debido a una falta de verificaci\u00f3n NULL en PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, lo que podr\u00eda permitir que un usuario malintencionado remoto cause una Denegaci\u00f3n de servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.26\",\"matchCriteriaId\":\"2AC43A23-2511-42A3-BA33-C6BABE962FB1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8B549B-E57B-4DFE-8A13-CAB06B5356B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*\",\"matchCriteriaId\":\"CB6476C7-03F2-4939-AB85-69AA524516D9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_enablement_services:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\",\"versionEndIncluding\":\"6.3.3\",\"matchCriteriaId\":\"D638A011-7DFF-4369-95DB-EE977A9B34DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_enablement_services:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"00127FED-CA13-44FA-89D5-068A3BFD1782\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FD52516-C173-4F55-A4F1-11E1623E0430\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BAF15A8-A2D8-487E-960F-EB10524A49B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EE8624E-3F8F-4AC0-9BC9-5DBF2A3BBA83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C30F303-BA9F-4934-A358-4EA4C04EB948\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9F3ABDF-6A28-492E-8F6B-53192E7D1917\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B984320-0031-4CEF-BDE5-5A5E274DEE11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE3EDB11-5831-403F-B6BB-3A84C0943487\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD108976-1E55-47F6-806B-2F61661CA128\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A789ADCD-3BAF-4EE3-8342-AFBEF026F71B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.3:*:*:*:*:*:*\",\"matchCriteriaId\":\"CADCC5A5-8BE4-41FD-BC8D-81607159998B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.5:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D0E4D1B-CA60-4219-ACD7-97BE0B8E10D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"18C2C82C-E595-4323-88A7-CE5D23E9F6E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"164809B0-EB36-470E-B9B2-75D5B2754600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E2F66A4-FB3A-49BB-AD18-5630A057907B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndIncluding\":\"6.3.117.0\",\"matchCriteriaId\":\"CB1E43C1-EF6C-423B-A5D0-32E852E4C358\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_communication_manager:7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C2E06A0-09B4-40C9-8A62-0EE0BFE1DECA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_communication_manager:7.0:sp:*:*:*:*:*:*\",\"matchCriteriaId\":\"615496B7-5D31-46F5-8795-37ADD595C886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_communication_manager:7.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"53379B70-20CC-4827-AE6A-A1DFA11B3733\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"03D34DA0-C975-4A13-BD7E-575CCAE390BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D635CBA4-B881-4113-BA27-6D0EE1CF6E39\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:breeze_platform:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.0\",\"versionEndIncluding\":\"3.2\",\"matchCriteriaId\":\"8B33AAA6-8BFD-4398-8DC4-1F7C3B94FDF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"18.0.0.1\",\"versionEndIncluding\":\"18.0.0.2\",\"matchCriteriaId\":\"D6DC0A0C-0FC6-439D-B865-634726034705\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:call_management_system:17.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"E328FD0E-115F-4092-AE1E-C22B72350B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:call_management_system:17.0:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"349543A5-1FD9-46B4-8EAB-52E524A8DF0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:call_management_system:17.0:r4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D6AA6F0-7AF5-4CC0-8202-65BA15086BF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:call_management_system:17.0:r5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A96492BE-C5FC-4936-9B1A-E4675ABB9D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:call_management_system:17.0:r6:*:*:*:*:*:*\",\"matchCriteriaId\":\"373F0F03-AC30-4D50-B2F5-30DAEF52C8B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:iq:5.2.x:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C6923AF-6862-4D6C-985A-CF8BF5C3D868\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:avaya:cs1000e_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.6\",\"matchCriteriaId\":\"0F339C1D-A2C2-4885-B1C6-76923B09C18C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:avaya:cs1000e:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAB8A1AD-47C2-44F9-9C84-796FE0168E5A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:avaya:cs1000m_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.6\",\"matchCriteriaId\":\"B2139CFD-0302-4281-9D9F-70E7D28B8354\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:avaya:cs1000m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDA76EA5-A0AA-4985-9AE5-0C6FA1469E0C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:avaya:cs1000e\\\\/cs1000m_signaling_server_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.6\",\"matchCriteriaId\":\"53F50E03-897D-45D4-BE6A-3D7B4D0D79F9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:avaya:cs1000e\\\\/cs1000m_signaling_server:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1690698-8AB7-4129-8935-F08A6D52B559\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A5B17F8-B06D-4E95-83F8-AA2AAA90677A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1A754AC-0023-4A0C-BFFB-6BF7758435B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:8.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FC61B45-0975-4ED1-BD28-BB5EE5F3A51D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:8.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"838A248E-F9E2-4016-82C5-6AAEA21B5F0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:8.0:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"A1BB9C6F-0171-41E7-A4FF-CDBCE360EDAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:8.0:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C0B69F2-7AB0-4E22-98F4-083E26BDA27B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:8.0:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"5FC7A8E0-5AEF-4FA3-AC1D-63F7F609E781\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:8.0:sp8:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEFC084B-FCC2-438E-B65D-8B139F995551\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_conferencing:8.0:sp9:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDD6F033-9716-42FB-9A2F-B08EDAAE1438\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_experience_portal:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.0\",\"versionEndIncluding\":\"7.1\",\"matchCriteriaId\":\"E3910F71-B4AE-40CC-9EDC-27160869A4FC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28DCFA27-23EB-4BBE-A020-F1854E4064A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"51C14CE3-651D-4503-9711-088B9CF773A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9468982C-DB32-490B-9131-9D35E8339467\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp10:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B490A4A-A837-4CC6-8A44-5A7F03D73619\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp11:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4A09C00-8D54-4674-A1D9-2F5AAD44CDD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp12:*:*:*:*:*:*\",\"matchCriteriaId\":\"67BFAB48-462F-4E95-9619-7A54E4BDF6F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E488E9F3-5329-43F1-AC9D-36760B95C91A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDD19739-0237-4C6F-9B6C-E47C9053F82A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACC5B2C8-CA4E-4482-8842-52886C5D5397\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"09060F4E-DDB3-4C45-B628-6357ED0FA008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C6013D3-4D4C-46F8-82E6-271FB44FD126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp8:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1BED830-57D9-4051-B9D0-4E010AFA7451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:9.1:sp9:*:*:*:*:*:*\",\"matchCriteriaId\":\"110B4593-6CF2-443B-AC7D-7DA98C44058C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF32565-F747-4450-841E-B54E2977BA91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B86F3D17-7408-4721-9921-3EB702018C6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3D7B64-7AD6-47D0-846D-A70C2838B653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF71DB4-1523-4270-B0D8-0D20A2A6EAE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E32E623-597A-4931-B7CF-EED6EEBA61DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"47898FEC-4BB7-469F-9020-2D9FB1B2C50E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"D429B865-B22A-4F9B-922F-D1F817DF1147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:ip_office:10.0:sp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE40493E-ED60-4BFC-9E48-D3148E4D0834\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_messaging:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF272A94-7530-4DA2-9933-87984366BFAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_messaging:6.3.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"F428AFF6-9DF7-4B7D-AC2E-8031AEA61F10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_messaging:6.3.3:sp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C31ABCE-668E-455A-A3BC-6F42E1E5C973\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_messaging:6.3.3:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C370E9B0-72EB-47E2-8FD9-F6A65ABE26E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_messaging:6.3.3:sp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"834D01F3-8266-4202-BB9A-B2805FE4FEDA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_session_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndIncluding\":\"6.3.18\",\"matchCriteriaId\":\"1433DE76-61AC-44FD-A5A4-1747F8F2FEF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_session_manager:7.0:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEBC4E93-E283-446B-A928-8B8B51F2C154\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_session_manager:7.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E88C0156-15E8-4F2F-8015-8ED421874863\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_session_manager:7.0:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEF48D0A-732F-4C32-A3BB-F0F8A777DC1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_session_manager:7.0.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"81979E50-603A-4210-9C27-F3B9974DC226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"822B7EBF-C87D-4247-9F7F-10B94A37EEAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"046A0465-FF7B-4F25-8502-FFD3C6D9D375\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndIncluding\":\"6.3.18\",\"matchCriteriaId\":\"3B532A02-FF99-4102-AB99-4ED89875E436\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.0.1.3\",\"matchCriteriaId\":\"AA21572A-1848-4B45-88EE-FAA3A13E4B47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndIncluding\":\"6.3.14\",\"matchCriteriaId\":\"B0B3D7C4-968C-4F8D-95A6-FC2BF6DC80EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.0.1.2\",\"matchCriteriaId\":\"8A5C4CAB-B2B9-4892-8183-31AC1DB17FA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:meeting_exchange:6.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"88AD2F3E-8B67-4FFF-87F0-6624C7026EBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:meeting_exchange:6.2:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"153B3C0F-9FF7-4CC6-BA38-157C66E93410\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.2\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"B6ADC723-586B-4836-9A39-99DFE46E630D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0EBE856-466D-4F6B-A10A-B1DFCD703189\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CD0A719-AF58-450B-A6D9-D2AEE9DDE409\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8D3B3F6-EBB2-42DC-8749-EB8C1DF29C95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"101133AA-42DF-44E1-A6BC-AA1131EEA2A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:avaya:proactive_contact:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndIncluding\":\"5.1.2\",\"matchCriteriaId\":\"E7DEDCFB-3074-4E52-A2D8-0B78B0DBDF85\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"143AC145-18D3-41B4-9E6F-DC16B94854B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndIncluding\":\"7.1\",\"matchCriteriaId\":\"9492A764-F772-428F-B81D-90B109829F0C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:avaya:session_border_controller_for_enterprise:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EA3E439-6712-4345-A918-A300163CAF94\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:avaya:aura_system_platform_firmware:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndIncluding\":\"6.4.0\",\"matchCriteriaId\":\"FBD8DDDA-535C-4141-B0E5-2B379FA28AB4\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:avaya:aura_system_platform:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC5935AB-8E13-4CD5-8CAE-91A9C5786880\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2779.html\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.securityfocus.com/bid/94349\",\"source\":\"security@mozilla.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3163-1\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://bto.bluecoat.com/security-advisory/sa137\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1306103\",\"source\":\"security@mozilla.org\"},{\"url\":\"https://security.gentoo.org/glsa/201701-46\",\"source\":\"security@mozilla.org\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.