CVE-2014-1545

CWE-787 — Out-of-bounds Write9 documents8 sources

Severity

10.0CRITICAL

EPSS

2.9%

top 13.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Netscape Portable Runtime

Timeline

PublishedJun 11

Latest updateMay 14

Description

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDmozilla/netscape_portable_runtime4.10.5+44

▶Debiannspr< 2:4.10.6-1+3

🔴Vulnerability Details

GHSA

GHSA-r364-qw2p-cpfx: Mozilla Netscape Portable Runtime (NSPR) before 4↗2022-05-14

▶

OSV

CVE-2014-1545: Mozilla Netscape Portable Runtime (NSPR) before 4↗2014-06-11

▶

CVEList

CVE-2014-1545: Mozilla Netscape Portable Runtime (NSPR) before 4↗2014-06-11

▶

📋Vendor Advisories

Ubuntu

NSPR vulnerability↗2014-07-02

▶

Red Hat

Mozilla: Out of bounds write in NSPR (MFSA 2014-55)↗2014-06-10

▶

Debian

CVE-2014-1545: nspr - Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers t...↗2014

▶

💬Community

Bugzilla

CVE-2014-1545 nspr: Mozilla: Out of bounds write in NSPR (MFSA 2014-55) [fedora-all]↗2014-07-03

▶

Bugzilla

CVE-2014-1545 Mozilla: Out of bounds write in NSPR (MFSA 2014-55)↗2014-06-10

▶