Medium
Mozilla Network Security Services (NSS), as used in Mozilla Firefox is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when handling DER-encoded DSA or RSA-PSS signatures. By sending an overly long signature, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Mozilla
Refer to Mozilla Security Advisory for patch, upgrade or suggested workaround information.