CVE-2016-5285

Summary

A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.

Affected Software

VendorProductVersion RangeStatus
MozillaNetwork Security Services3.24affected

Weaknesses

  • denial of service

ADP Enrichment

CVE Program Container

Additional References

References