Mozilla Foundation Security Advisory 2013-40
Out-of-bounds array read in CERT_DecodeCertPackage
- Announced
- April 2, 2013
- Reporter
- Ambroz Bizjak
- Impact
- Moderate
- Products
- Firefox, Firefox ESR, SeaMonkey, Thunderbird, Thunderbird ESR
- Fixed in
- 
        - Firefox 20
- Firefox ESR 17.0.5
- SeaMonkey 2.17
- Thunderbird 17.0.5
- Thunderbird ESR 17.0.5
 
Description
Mozilla community member Ambroz Bizjak reported an
out-of-bounds array read in the CERT_DecodeCertPackage function of
the Network Security Services (NSS) libary when decoding a certificate. When
this occurs, it will lead to memory corruption and a non-exploitable crash.