CVE-2013-5606

Priority
Description
The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network
Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return
value for an incompatible key-usage certificate when the CERTVerifyLog
argument is valid, which might allow remote attackers to bypass intended
access restrictions via a crafted certificate.
Assigned-to
mdeslaur
Notes
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (3.15.3)
More Information

Updated: 2019-12-05 21:06:00 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)