CVE-2017-7502
Description
Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
2.085
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Network Security Service library (USN-3336-1) libnss3_3.28.4-0ubuntu0.16.10.2_i386.deb | Linux |
| Network Security Service library (USN-3336-1) libnss3_3.28.4-0ubuntu0.16.10.2_amd64.deb | Linux |
| Network Security Service library (USN-3336-1) libnss3_3.28.4-0ubuntu0.17.04.2_i386.deb | Linux |
| Network Security Service library (USN-3336-1) libnss3_3.28.4-0ubuntu0.17.04.2_amd64.deb | Linux |
| Libnss3 3.28.4-0ubuntu0.16.10.1 for Ubuntu 16.10 (x64) libnss3_3.28.4-0ubuntu0.16.10.2_amd64.deb | Linux |
| Libnss3 3.28.4-0ubuntu0.16.10.1 for Ubuntu 16.10 libnss3_3.28.4-0ubuntu0.16.10.2_i386.deb | Linux |
| Libnss3 3.28.4-0ubuntu0.17.04.1 for Ubuntu 17.04 (x64) libnss3_3.28.4-0ubuntu0.17.04.2_amd64.deb | Linux |
| Libnss3 3.28.4-0ubuntu0.17.04.1 for Ubuntu 17.04 libnss3_3.28.4-0ubuntu0.17.04.2_i386.deb | Linux |
| CVE-2017-7502 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234