Rewterz Threat Advisory – CVE-2021-41449 – NETGEAR products Vulnerability
December 2, 2021Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
December 2, 2021Rewterz Threat Advisory – CVE-2021-41449 – NETGEAR products Vulnerability
December 2, 2021Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
December 2, 2021Severity
Medium
Analysis Summary
CVE-2021-43527
Mozilla Network Security Services (NSS), as used in Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when handling DER-encoded DSA or RSA-PSS signatures. By sending an overly long signature, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Impact
- Buffer Overflow
Affected Vendors
Mozilla
Affected Products
- Mozilla Nss 3.66
Remediation
Refer to Mozilla Security Advisory for patch, upgrade or suggested workaround information.