Search for vulnerabilities
Vulnerability details: VCID-5qwa-3ng8-aaan
Vulnerability ID VCID-5qwa-3ng8-aaan
Aliases CVE-2016-1950
Summary Heap-based buffer overflow in Mozilla Network Security Services (NSS) before 3.19.2.3 and 3.20.x and 3.21.x before 3.21.1, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code via crafted ASN.1 data in an X.509 certificate.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
generic_textual HIGH http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
generic_textual MODERATE http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1950.html
rhas Critical https://access.redhat.com/errata/RHSA-2016:0370
rhas Critical https://access.redhat.com/errata/RHSA-2016:0371
rhas Critical https://access.redhat.com/errata/RHSA-2016:0495
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.00899 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01006 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.01380 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03013 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03013 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03013 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03013 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03013 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03013 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03013 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03069 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.03995 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
epss 0.10224 https://api.first.org/data/v1/epss?cve=CVE-2016-1950
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=1310509
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834
cvssv2 6.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 6.8 https://nvd.nist.gov/vuln/detail/CVE-2016-1950
cvssv3 8.8 https://nvd.nist.gov/vuln/detail/CVE-2016-1950
generic_textual HIGH https://support.apple.com/HT206166
generic_textual HIGH https://support.apple.com/HT206167
generic_textual HIGH https://support.apple.com/HT206168
generic_textual HIGH https://support.apple.com/HT206169
generic_textual Medium https://ubuntu.com/security/notices/USN-2917-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2924-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2934-1
generic_textual critical https://www.mozilla.org/en-US/security/advisories/mfsa2016-35
generic_textual Medium https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
cvssv3.1 8.1 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
cvssv3.1 7.5 http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual HIGH http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
generic_textual Low http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Reference id Reference type URL
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00016.html
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1950.html
http://rhn.redhat.com/errata/RHSA-2016-0495.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1950.json
https://api.first.org/data/v1/epss?cve=CVE-2016-1950
https://bto.bluecoat.com/security-advisory/sa119
https://bugzilla.mozilla.org/show_bug.cgi?id=1245528
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4000
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7181
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7182
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1938
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1952
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1954
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1957
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1958
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1960
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1961
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1964
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1965
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1966
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1974
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1977
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1978
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1979
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2791
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2792
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2793
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2795
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2796
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2797
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2798
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2799
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2800
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2801
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2802
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2834
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.19.2.3_release_notes
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.21.1_release_notes
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://security.gentoo.org/glsa/201605-06
https://support.apple.com/HT206166
https://support.apple.com/HT206167
https://support.apple.com/HT206168
https://support.apple.com/HT206169
https://ubuntu.com/security/notices/USN-2917-1
https://ubuntu.com/security/notices/USN-2924-1
https://ubuntu.com/security/notices/USN-2934-1
https://www.mozilla.org/en-US/security/advisories/mfsa2016-35/
http://www.debian.org/security/2016/dsa-3510
http://www.debian.org/security/2016/dsa-3520
http://www.debian.org/security/2016/dsa-3688
http://www.mozilla.org/security/announce/2016/mfsa2016-35.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
http://www.securityfocus.com/bid/84223
http://www.securitytracker.com/id/1035215
http://www.ubuntu.com/usn/USN-2917-1
http://www.ubuntu.com/usn/USN-2917-2
http://www.ubuntu.com/usn/USN-2917-3
http://www.ubuntu.com/usn/USN-2924-1
http://www.ubuntu.com/usn/USN-2934-1
1310509 https://bugzilla.redhat.com/show_bug.cgi?id=1310509
cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:glassfish_server:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_proxy_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:iplanet_web_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*
cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*
CVE-2016-1950 https://nvd.nist.gov/vuln/detail/CVE-2016-1950
mfsa2016-35 https://www.mozilla.org/en-US/security/advisories/mfsa2016-35
RHSA-2016:0370 https://access.redhat.com/errata/RHSA-2016:0370
RHSA-2016:0371 https://access.redhat.com/errata/RHSA-2016:0371
RHSA-2016:0495 https://access.redhat.com/errata/RHSA-2016:0495
USN-2917-1 https://usn.ubuntu.com/2917-1/
USN-2924-1 https://usn.ubuntu.com/2924-1/
USN-2934-1 https://usn.ubuntu.com/2934-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-1950
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-1950
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.82459
EPSS Score 0.00899
Published At Dec. 17, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.