Lucene search

K
osvGoogleOSV:DSA-1931-1
HistoryNov 08, 2009 - 12:00 a.m.

nspr - several vulnerabilities

2009-11-0800:00:00
Google
osv.dev
29

EPSS

0.083

Percentile

94.4%

Several vulnerabilities have been discovered in the NetScape Portable
Runtime Library, which may lead to the execution of arbitrary code. The
Common Vulnerabilities and Exposures project identifies the following
problems:

  • CVE-2009-1563
    A programming error in the string handling code may lead to the
    execution of arbitrary code.
  • CVE-2009-2463
    An integer overflow in the Base64 decoding functions may lead to
    the execution of arbitrary code.

The old stable distribution (etch) doesnโ€™t contain nspr.

For the stable distribution (lenny), these problems have been fixed in
version 4.7.1-5.

For the unstable distribution (sid) these problems have been fixed in
version 4.8.2-1.

We recommend that you upgrade your NSPR packages.