Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-2b7j-hzma-nbfb
Vulnerability ID VCID-2b7j-hzma-nbfb
Aliases CVE-2012-0441
Summary Security researcher Kaspar Brand found a flaw in how the Network Security Services (NSS) ASN.1 decoder handles zero length items. Effects of this issue depend on the field. One known symptom is an unexploitable crash in handling OCSP responses. NSS also mishandles zero-length basic constraints, assuming default values for some types that should be rejected as malformed. These issues have been addressed in NSS 3.13.4, which is now being used by Mozilla.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.03581 https://api.first.org/data/v1/epss?cve=CVE-2012-0441
generic_textual none https://www.mozilla.org/en-US/security/advisories/mfsa2012-39
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0441.json
https://api.first.org/data/v1/epss?cve=CVE-2012-0441
827833 https://bugzilla.redhat.com/show_bug.cgi?id=827833
CVE-2012-0441 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0441
GLSA-201301-01 https://security.gentoo.org/glsa/201301-01
mfsa2012-39 https://www.mozilla.org/en-US/security/advisories/mfsa2012-39
RHSA-2012:1090 https://access.redhat.com/errata/RHSA-2012:1090
RHSA-2012:1091 https://access.redhat.com/errata/RHSA-2012:1091
USN-1463-1 https://usn.ubuntu.com/1463-1/
USN-1463-4 https://usn.ubuntu.com/1463-4/
USN-1463-6 https://usn.ubuntu.com/1463-6/
USN-1540-1 https://usn.ubuntu.com/1540-1/
USN-1540-2 https://usn.ubuntu.com/1540-2/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.8794
EPSS Score 0.03581
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T08:27:24.724439+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2012/mfsa2012-39.md 38.6.0