CVE-2016-1938

CVE Database · CVE-2016-1938

CVE-2016-1938

· N/AModified

CVSS v3.1

N/A

EPSS

3.12%

Published

Jan 31, 2016

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The s_mp_div function in lib/freebl/mpi/mpi.c in Mozilla Network Security Services (NSS) before 3.21, as used in Mozilla Firefox before 44.0, improperly divides numbers, which might make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging use of the (1) mp_div or (2) mp_exptmod function.

Weaknesses (CWE)

CWE-310

Affected Products (5)

opensuse · leapvulnerable

opensuse · opensusevulnerable

mozilla · nssvulnerable

mozilla · firefoxvulnerable

References (20)

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00001.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00002.html

Third Party Advisory