VYPR
Get started
← All advisories
High severity7.5NVD Advisory· Published May 30, 2017· Updated May 13, 2026

CVE-2017-7502

CVE-2017-7502

Description

Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker.

Affected products

19
  • Mozilla Corporation/Network Security Services18 versions
    cpe:2.3:a:mozilla:network_security_services:3.24.0:*:*:*:*:*:*:*+ 17 more
    • cpe:2.3:a:mozilla:network_security_services:3.24.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.25.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.25.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.26.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.26.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.27.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.27.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.27.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.28.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.28.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.28.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.28.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.29.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.29.1:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.29.2:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.29.3:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.30.0:*:*:*:*:*:*:*
    • cpe:2.3:a:mozilla:network_security_services:3.30.1:*:*:*:*:*:*:*
  • NSS project/nssv5
    Range: since 3.24.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

9

News mentions

0

No linked articles in our index yet.