Intrusion Prevention



This indicates a possible exploit of a buffer-underflow vulnerability in the SSLv2 support in Mozilla Network Security Services (NSS).
This vulnerability is due to a buffer-underflow error in the Network Security Services (NSS) when processing a certificate with a public key that is too small to encrypt the "Master Secret". This error also occurs when handling invalid parameters while negotiating an SSLv2 session. A remote attacker may exploit this to execute arbitrary code.

Affected Products

Mozilla Thunderbird versions prior to


System compromise: Remote code execution.

Recommended Actions

Upgrade to Network Security Services (NSS) version 3.11.5:

CVE References