JVN/CVE Demo: Cveinfos

CVE

Id: 68863
CVE No.: CVE-2014-1568
Status: Candidate
Description: Mozilla Network Security Services (NSS) before 3.16.2.1, 3.16.x before 3.16.5, and 3.17.x before 3.17.1, as used in Mozilla Firefox before 32.0.3, Mozilla Firefox ESR 24.x before 24.8.1 and 31.x before 31.1.1, Mozilla Thunderbird before 24.8.1 and 31.x before 31.1.2, Mozilla SeaMonkey before 2.29.1, Google Chrome before 37.0.2062.124 on Windows and OS X, and Google Chrome OS before 37.0.2062.120, does not properly parse ASN.1 values in X.509 certificates, which makes it easier for remote attackers to spoof RSA signatures via a crafted certificate, aka a "signature malleability" issue.
Phase: Assigned (20140116)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
662298	68863	CVE-2014-1568	CONFIRM:http://googlechromereleases.blogspot.com/2014/09/stable-channel-update-for-chrome-os_24.html	View
662299	68863	CVE-2014-1568	CONFIRM:http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html	View
662300	68863	CVE-2014-1568	CONFIRM:http://www.mozilla.org/security/announce/2014/mfsa2014-73.html	View
662301	68863	CVE-2014-1568	CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=1064636	View
662302	68863	CVE-2014-1568	CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=1069405	View
662303	68863	CVE-2014-1568	CONFIRM:http://www.novell.com/support/kb/doc.php?id=7015701	View
662304	68863	CVE-2014-1568	CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	View
662305	68863	CVE-2014-1568	CONFIRM:http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html	View
662306	68863	CVE-2014-1568	CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	View
662307	68863	CVE-2014-1568	CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698	View
662308	68863	CVE-2014-1568	CONFIRM:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	View
662309	68863	CVE-2014-1568	CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	View
662310	68863	CVE-2014-1568	CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761	View
662311	68863	CVE-2014-1568	DEBIAN:DSA-3033	View
662312	68863	CVE-2014-1568	URL:http://www.debian.org/security/2014/dsa-3033	View
662313	68863	CVE-2014-1568	DEBIAN:DSA-3034	View
662314	68863	CVE-2014-1568	URL:http://www.debian.org/security/2014/dsa-3034	View
662315	68863	CVE-2014-1568	DEBIAN:DSA-3037	View
662316	68863	CVE-2014-1568	URL:http://www.debian.org/security/2014/dsa-3037	View
662317	68863	CVE-2014-1568	GENTOO:GLSA-201504-01	View
662318	68863	CVE-2014-1568	URL:https://security.gentoo.org/glsa/201504-01	View
662319	68863	CVE-2014-1568	REDHAT:RHSA-2014:1307	View
662320	68863	CVE-2014-1568	URL:http://rhn.redhat.com/errata/RHSA-2014-1307.html	View
662321	68863	CVE-2014-1568	REDHAT:RHSA-2014:1354	View
662322	68863	CVE-2014-1568	URL:http://rhn.redhat.com/errata/RHSA-2014-1354.html	View
662323	68863	CVE-2014-1568	REDHAT:RHSA-2014:1371	View
662324	68863	CVE-2014-1568	URL:http://rhn.redhat.com/errata/RHSA-2014-1371.html	View
662325	68863	CVE-2014-1568	SUSE:SUSE-SU-2014:1220	View
662326	68863	CVE-2014-1568	URL:http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00032.html	View
662327	68863	CVE-2014-1568	SUSE:openSUSE-SU-2014:1224	View
662328	68863	CVE-2014-1568	URL:http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00036.html	View
662329	68863	CVE-2014-1568	SUSE:openSUSE-SU-2014:1232	View
662330	68863	CVE-2014-1568	URL:http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00039.html	View
662331	68863	CVE-2014-1568	UBUNTU:USN-2360-1	View
662332	68863	CVE-2014-1568	URL:http://www.ubuntu.com/usn/USN-2360-1	View
662333	68863	CVE-2014-1568	UBUNTU:USN-2360-2	View
662334	68863	CVE-2014-1568	URL:http://www.ubuntu.com/usn/USN-2360-2	View
662335	68863	CVE-2014-1568	UBUNTU:USN-2361-1	View
662336	68863	CVE-2014-1568	URL:http://www.ubuntu.com/usn/USN-2361-1	View
662337	68863	CVE-2014-1568	CERT-VN:VU#772676	View
662338	68863	CVE-2014-1568	URL:http://www.kb.cert.org/vuls/id/772676	View
662339	68863	CVE-2014-1568	BID:70116	View
662340	68863	CVE-2014-1568	URL:http://www.securityfocus.com/bid/70116	View
662341	68863	CVE-2014-1568	SECUNIA:61540	View
662342	68863	CVE-2014-1568	URL:http://secunia.com/advisories/61540	View
662343	68863	CVE-2014-1568	SECUNIA:61574	View
662344	68863	CVE-2014-1568	URL:http://secunia.com/advisories/61574	View
662345	68863	CVE-2014-1568	SECUNIA:61575	View
662346	68863	CVE-2014-1568	URL:http://secunia.com/advisories/61575	View
662347	68863	CVE-2014-1568	SECUNIA:61576	View
662348	68863	CVE-2014-1568	URL:http://secunia.com/advisories/61576	View
662349	68863	CVE-2014-1568	SECUNIA:61583	View
662350	68863	CVE-2014-1568	URL:http://secunia.com/advisories/61583	View
662351	68863	CVE-2014-1568	XF:mozilla-nss-cve20141568-sec-bypass(96194)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
16014	JVNDB-2014-004889	Mozilla Firefox および Thunderbird の nsTransformedTextRun 関数におけるヒープベースのバッファオーバーフローの脆弱性	Mozilla Firefox および Thunderbird の nsTransformedTextRun 関数には、ヒープベースのバッファオーバーフローの脆弱性が存在します。	CVE-2014-1576	68863	7.5		http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004889.html	View

Message	Memory use
Component initialization	1.37 MB
Controller action start	1.48 MB
Controller render start	2.33 MB
View render complete	2.82 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	4.02
Event: Controller.initialize	0.02
Event: Controller.startup	0.09
Controller action	427.84
Event: Controller.beforeRender	4.77
» Processing toolbar data	4.68
Rendering View	31.40
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	30.19
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.67
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.11
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/68863
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/68863
Remote Port	25757
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.137.150.203
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.137.150.203
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.137.150.203
Unique Id	aBOV3xfj2LbAdsNgpHvZVAAAAhI
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.137.150.203
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.137.150.203
Redirect Unique Id	aBOV3xfj2LbAdsNgpHvZVAAAAhI
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.137.150.203
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.137.150.203
Redirect Redirect Unique Id	aBOV3xfj2LbAdsNgpHvZVAAAAhI
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746114015.5721
Request Time	1746114015

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files