10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8.8 High
AI Score
Confidence
High
0.07 Low
EPSS
Percentile
94.0%
Debian Security Advisory DSA-2962-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
June 17, 2014 http://www.debian.org/security/faq
Package : nspr
CVE ID : CVE-2014-1545
Abhiskek Arya discovered an out of bounds write in the cvt_t() function
of the NetScape Portable Runtime Library which could result in the
execution of arbitrary code.
For the stable distribution (wheezy), this problem has been fixed in
version 2:4.9.2-1+deb7u2.
For the unstable distribution (sid), this problem has been fixed in
version 2:4.10.6-1.
We recommend that you upgrade your nspr packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | all | iceweasel-l10n-en-za | < 1:24.6.0esr-1~deb7u1 | iceweasel-l10n-en-za_1:24.6.0esr-1~deb7u1_all.deb |
Debian | 7 | armhf | iceweasel-dbg | < 24.6.0esr-1~deb7u1 | iceweasel-dbg_24.6.0esr-1~deb7u1_armhf.deb |
Debian | 7 | s390 | spidermonkey-bin | < 24.6.0esr-1~deb7u1 | spidermonkey-bin_24.6.0esr-1~deb7u1_s390.deb |
Debian | 7 | all | icedove | < 24.6.0-1~deb7u1 | icedove_24.6.0-1~deb7u1_all.deb |
Debian | 7 | powerpc | libnspr4 | < 2:4.9.2-1+deb7u2 | libnspr4_2:4.9.2-1+deb7u2_powerpc.deb |
Debian | 7 | kfreebsd-i386 | xulrunner-24.0 | < 24.6.0esr-1~deb7u1 | xulrunner-24.0_24.6.0esr-1~deb7u1_kfreebsd-i386.deb |
Debian | 7 | all | iceweasel-l10n-bg | < 1:24.6.0esr-1~deb7u1 | iceweasel-l10n-bg_1:24.6.0esr-1~deb7u1_all.deb |
Debian | 7 | kfreebsd-amd64 | libmozjs24d-dbg | < 24.6.0esr-1~deb7u1 | libmozjs24d-dbg_24.6.0esr-1~deb7u1_kfreebsd-amd64.deb |
Debian | 7 | armel | libnspr4-0d | < 2:4.9.2-1+deb7u2 | libnspr4-0d_2:4.9.2-1+deb7u2_armel.deb |
Debian | 7 | all | iceweasel-l10n-eu | < 1:24.6.0esr-1~deb7u1 | iceweasel-l10n-eu_1:24.6.0esr-1~deb7u1_all.deb |