Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. https://nvd.nist.gov/vuln/detail/CVE-2017-7502