CVE-2004-0826

Description

Heap-based buffer overflow in Netscape Network Security Services (NSS) library allows remote attackers to execute arbitrary code via a modified record length field in an SSLv2 client hello message.

Affected products

HP / hp-ux11.00 – 11.00
HP / hp-ux11.11 – 11.11
HP / hp-ux11.23 – 11.23
Mozilla / Network Security Services3.4.2 – 3.4.2
Mozilla / Network Security Services3.5 – 3.5
Mozilla / Network Security Services3.2 – 3.2
Mozilla / Network Security Services3.6 – 3.6
Mozilla / Network Security Services3.6.1 – 3.6.1
Mozilla / Network Security Services3.7 – 3.7
Mozilla / Network Security Services3.7.1 – 3.7.1
Mozilla / Network Security Services3.7.2 – 3.7.2
Mozilla / Network Security Services3.7.3 – 3.7.3
Mozilla / Network Security Services3.7.5 – 3.7.5
Mozilla / Network Security Services3.7.7 – 3.7.7
Mozilla / Network Security Services3.8 – 3.8
Mozilla / Network Security Services3.9 – 3.9
Mozilla / Network Security Services3.3.1 – 3.3.1
Mozilla / Network Security Services3.4 – 3.4
Mozilla / Network Security Services3.4.1 – 3.4.1
Mozilla / Network Security Services3.2.1 – 3.2.1
Mozilla / Network Security Services3.3 – 3.3
Mozilla / Network Security Services3.3.2 – 3.3.2
netscape / certificate_server4.2 – 4.2
netscape / certificate_server1.0 – 1.0
netscape / directory_server1.3 – 1.3
netscape / directory_server3.1 – 3.1
netscape / directory_server3.12 – 3.12
netscape / directory_server4.11 – 4.11
netscape / directory_server4.1 – 4.1
netscape / directory_server4.13 – 4.13
netscape / enterprise_server3.1 – 3.1
netscape / enterprise_server2.0 – 2.0
netscape / enterprise_server2.0.1c – 2.0.1c
netscape / enterprise_server2.0a – 2.0a
netscape / enterprise_server3.0 – 3.0
netscape / enterprise_server3.0.1 – 3.0.1
netscape / enterprise_server3.0.1b – 3.0.1b
netscape / enterprise_server3.0.7a – 3.0.7a
netscape / enterprise_server3.0l – 3.0l
netscape / enterprise_server3.2 – 3.2
netscape / enterprise_server3.3 – 3.3
netscape / enterprise_server3.4 – 3.4
netscape / enterprise_server3.5 – 3.5
netscape / enterprise_server3.5 – 3.5
netscape / enterprise_server3.5.1 – 3.5.1
netscape / enterprise_server3.6 – 3.6
netscape / enterprise_server3.6 – 3.6
netscape / enterprise_server3.6 – 3.6
netscape / enterprise_server3.6 – 3.6
netscape / enterprise_server3.6 – 3.6
netscape / enterprise_server4.0 – 4.0
netscape / enterprise_server4.1 – 4.1
netscape / enterprise_server4.1 – 4.1
netscape / enterprise_server4.1 – 4.1
netscape / enterprise_server4.1 – 4.1
netscape / enterprise_server4.1 – 4.1
netscape / enterprise_server4.1 – 4.1
netscape / enterprise_server4.1.1 – 4.1.1
netscape / enterprise_server5.0 – 5.0
netscape / personalization_engine
sun / java_enterprise_system2003q4 – 2003q4
sun / java_enterprise_system2004q2 – 2004q2
sun / java_system_application_server7.0 – 7.0
sun / java_system_application_server7.1 – 7.1
sun / java_system_application_server7.0 – 7.0
sun / java_system_application_server7.0 – 7.0
sun / java_system_application_server7.0 – 7.0
sun / one_application_server6.0 – 6.0
sun / one_application_server6.0 – 6.0
sun / one_application_server6.0 – 6.0
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server6.0 – 6.0
sun / one_web_server6.0 – 6.0
sun / one_web_server6.0 – 6.0
sun / one_web_server6.0 – 6.0
sun / one_web_server6.0 – 6.0
sun / one_web_server6.1 – 6.1
sun / one_web_server6.1 – 6.1
sun / one_web_server6.1 – 6.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1
sun / one_web_server4.1 – 4.1

CVE-2004-0826

Description

Affected products

References