CVE-2011-5094 is a vulnerability in Mozilla Network Security Services

Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-1473. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment

Products Associated with CVE-2011-5094

Want to know whenever a new CVE is published for Mozilla Network Security Services? stack.watch will email you.

Exploit Probability

EPSS

3.44%

Percentile

87.31%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2011-5094 is a vulnerability in Mozilla Network Security ServicesPublished on June 16, 2012

Products Associated with CVE-2011-5094

Exploit Probability

CVE-2011-5094 is a vulnerability in Mozilla Network Security Services
Published on June 16, 2012