CVE-2016-5285
15.11.2019, 16:15
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.Enginsight
| Vendor | Product | Version |
|---|---|---|
| mozilla | nss | 𝑥 < 3.26 |
| debian | debian_linux | 8.0 |
| debian | debian_linux | 9.0 |
| debian | debian_linux | 10.0 |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux | 7.0 |
| avaya | aura_application_enablement_services | 6.1 ≤ 𝑥 ≤ 6.3.3 |
| avaya | aura_application_enablement_services | 7.0 |
| avaya | aura_application_server_5300 | 3.0 |
| avaya | aura_application_server_5300 | 3.0:sp1 |
| avaya | aura_application_server_5300 | 3.0:sp10 |
| avaya | aura_application_server_5300 | 3.0:sp10.1 |
| avaya | aura_application_server_5300 | 3.0:sp11 |
| avaya | aura_application_server_5300 | 3.0:sp11.1 |
| avaya | aura_application_server_5300 | 3.0:sp12 |
| avaya | aura_application_server_5300 | 3.0:sp12.1 |
| avaya | aura_application_server_5300 | 3.0:sp12.2 |
| avaya | aura_application_server_5300 | 3.0:sp12.3 |
| avaya | aura_application_server_5300 | 3.0:sp12.5 |
| avaya | aura_application_server_5300 | 3.0:sp3 |
| avaya | aura_application_server_5300 | 3.0:sp5 |
| avaya | aura_application_server_5300 | 3.0:sp7 |
| avaya | aura_communication_manager | 6.0 ≤ 𝑥 ≤ 6.3.117.0 |
| avaya | aura_communication_manager | 7.0 |
| avaya | aura_communication_manager | 7.0:sp |
| avaya | aura_communication_manager | 7.0:sp3 |
| avaya | aura_communication_manager_messagint | 7.0 |
| avaya | aura_communication_manager_messagint | 7.0:sp1 |
| avaya | breeze_platform | 3.0 ≤ 𝑥 ≤ 3.2 |
| avaya | call_management_system | 18.0.0.1 ≤ 𝑥 ≤ 18.0.0.2 |
| avaya | call_management_system | 17.0 |
| avaya | call_management_system | 17.0:r3 |
| avaya | call_management_system | 17.0:r4 |
| avaya | call_management_system | 17.0:r5 |
| avaya | call_management_system | 17.0:r6 |
| avaya | iq | 5.2.x:x |
| avaya | cs1000e_firmware | 7.0 ≤ 𝑥 ≤ 7.6 |
| avaya | cs1000m_firmware | 7.0 ≤ 𝑥 ≤ 7.6 |
| avaya | cs1000e\/cs1000m_signaling_server_firmware | 7.0 ≤ 𝑥 ≤ 7.6 |
| avaya | aura_conferencing | 7.0 |
| avaya | aura_conferencing | 7.2 |
| avaya | aura_conferencing | 8.0 |
| avaya | aura_conferencing | 8.0:sp2 |
| avaya | aura_conferencing | 8.0:sp4 |
| avaya | aura_conferencing | 8.0:sp5 |
| avaya | aura_conferencing | 8.0:sp7 |
| avaya | aura_conferencing | 8.0:sp8 |
| avaya | aura_conferencing | 8.0:sp9 |
| avaya | aura_experience_portal | 6.0 ≤ 𝑥 ≤ 7.1 |
| avaya | ip_office | 8.1 |
| avaya | ip_office | 9.1 |
| avaya | ip_office | 9.1:sp1 |
| avaya | ip_office | 9.1:sp10 |
| avaya | ip_office | 9.1:sp11 |
| avaya | ip_office | 9.1:sp12 |
| avaya | ip_office | 9.1:sp3 |
| avaya | ip_office | 9.1:sp4 |
| avaya | ip_office | 9.1:sp5 |
| avaya | ip_office | 9.1:sp6 |
| avaya | ip_office | 9.1:sp7 |
| avaya | ip_office | 9.1:sp8 |
| avaya | ip_office | 9.1:sp9 |
| avaya | ip_office | 10.0 |
| avaya | ip_office | 10.0:sp1 |
| avaya | ip_office | 10.0:sp2 |
| avaya | ip_office | 10.0:sp3 |
| avaya | ip_office | 10.0:sp4 |
| avaya | ip_office | 10.0:sp5 |
| avaya | ip_office | 10.0:sp6 |
| avaya | ip_office | 10.0:sp7 |
| avaya | aura_messaging | 6.3 |
| avaya | aura_messaging | 6.3.3 |
| avaya | aura_messaging | 6.3.3:sp4 |
| avaya | aura_messaging | 6.3.3:sp5 |
| avaya | aura_messaging | 6.3.3:sp6 |
| avaya | aura_session_manager | 6.3 ≤ 𝑥 ≤ 6.3.18 |
| avaya | aura_session_manager | 7.0 |
| avaya | aura_session_manager | 7.0:sp1 |
| avaya | aura_session_manager | 7.0:sp2 |
| avaya | aura_session_manager | 7.0.1 |
| avaya | aura_session_manager | 7.0.1:sp1 |
| avaya | aura_session_manager | 7.0.1:sp2 |
| avaya | aura_system_manager | 6.3 ≤ 𝑥 ≤ 6.3.18 |
| avaya | aura_system_manager | 7.0 ≤ 𝑥 ≤ 7.0.1.3 |
| avaya | aura_utility_services | 6.3 ≤ 𝑥 ≤ 6.3.14 |
| avaya | aura_utility_services | 7.0 ≤ 𝑥 ≤ 7.0.1.2 |
| avaya | meeting_exchange | 6.2 |
| avaya | meeting_exchange | 6.2:sp3 |
| avaya | message_networking | 5.2 ≤ 𝑥 ≤ 6.3 |
| avaya | one-x_client_enablement_services | 6.2 |
| avaya | one-x_client_enablement_services | 6.2:sp1 |
| avaya | one-x_client_enablement_services | 6.2:sp2 |
| avaya | one-x_client_enablement_services | 6.2:sp5 |
| avaya | proactive_contact | 5.0 ≤ 𝑥 ≤ 5.1.2 |
| avaya | session_border_controller_for_enterprise_firmware | 6.2 ≤ 𝑥 ≤ 6.3 |
| avaya | session_border_controller_for_enterprise_firmware | 7.0 ≤ 𝑥 ≤ 7.1 |
| avaya | aura_system_platform_firmware | 6.3 ≤ 𝑥 ≤ 6.4.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration
References