CVE-2014-1544 (retired)

Priority
Description
Use-after-free vulnerability in the CERT_DestroyCertificate function in
libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in
Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before
24.7, allows remote attackers to execute arbitrary code via vectors that
trigger certain improper removal of an NSSCertificate structure from a
trust domain.
Assigned-to
mdeslaur
Package
Upstream:released (31.0)
Ubuntu 14.04 ESM (Trusty Tahr):released (31.0~b9+build1-0ubuntu1)
Package
Source: nss (LP Ubuntu Debian)
Upstream:released (3.16.2)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (2:3.16.3-1ubuntu1)
Patches:
Upstream:https://hg.mozilla.org/projects/nss/rev/204f22c527f8
Upstream:https://hg.mozilla.org/projects/nss/rev/872dd4d243ac
Package
Priority: Low
Upstream:released (31.0)
Ubuntu 14.04 ESM (Trusty Tahr):released (1:31.0+build1-0ubuntu2)
More Information

Updated: 2019-09-19 15:48:12 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)