Insufficient Mitigation of Timing Side-Channel Attacks in NSS 3.26.1

Insufficient Mitigation of Timing Side-Channel Attacks in NSS 3.26.1

CVE-2016-9074 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

An existing mitigation of timing side-channel attacks is insufficient in some circumstances. This issue is addressed in Network Security Services (NSS) 3.26.1. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50.

Learn more about our Network Penetration Testing.