CVE-2014-1545

Currently unrated

Key Information:

Vendor: Mozilla
Status: Netscape Portable Runtime
Vendor: CVE Published:; 11 June 2014

Summary

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.

References

http://www.oracle.com/technetwork/topics/security/ovmbull...

x_refsource_CONFIRM

http://secunia.com/advisories/59229

third-party-advisoryx_refsource_SECUNIA

http://lists.opensuse.org/opensuse-updates/2014-06/msg000...

vendor-advisoryx_refsource_SUSE

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 11, 2014
Vulnerability Reserved
Jan 16, 2014