Several vulnerabilities have been discovered in the NetScape Portable
Runtime Library, which may lead to the execution of arbitrary code. The
Common Vulnerabilities and Exposures project identifies the following
problems:

CVE-2009-1563
A programming error in the string handling code may lead to the
execution of arbitrary code.
CVE-2009-2463
An integer overflow in the Base64 decoding functions may lead to
the execution of arbitrary code.

The old stable distribution (etch) doesn’t contain nspr.

For the stable distribution (lenny), these problems have been fixed in
version 4.7.1-5.

For the unstable distribution (sid) these problems have been fixed in
version 4.8.2-1.

We recommend that you upgrade your NSPR packages.

CPENameOperatorVersion
nspreq4.7.1-4

CPE	Name	Operator	Version
	nspr	eq	4.7.1-4

References

www.debian.org/security/2009/dsa-1931

debian 5

openvas 47

nessus 36

debiancve 1

ubuntucve 2

cve 2

seebug 10

securityvulns 10

veracode 1

prion 1

checkpoint_advisories 1

exploitpack 4

packetstorm 4

exploitdb 4

oraclelinux 2

redhat 2

centos 2

mozilla 2

osv 2

ubuntu 2

fedora 56

suse 2

freebsd 1

debian

[SECURITY] [DSA 1931-1] New NSPR packages fix several vulnerabilities

2009-11-08 10:07:37

[Backports-security-announce] Security Update for nsrp

2010-07-21 08:24:14

[Backports-security-announce] Security Update for nsrp

2010-07-21 08:26:53

openvas

Debian Security Advisory DSA 1931-1 (nspr)

2009-11-11 00:00:00

Debian Security Advisory DSA 1931-1 (nspr)

2009-11-11 00:00:00

CentOS Security Advisory CESA-2009:1163 (seamonkey)

2009-07-29 00:00:00

nessus

Debian DSA-1931-1 : nspr - several vulnerabilities

2010-02-24 00:00:00

openSUSE Security Update : mozilla-nspr (mozilla-nspr-1510)

2009-11-09 00:00:00

SuSE 10 Security Update : mozilla-nspr (ZYPP Patch Number 6631)

2010-10-11 00:00:00

debiancve

CVE-2009-2463

2009-07-22 18:30:00

ubuntucve

CVE-2009-2463

2009-07-22 00:00:00

CVE-2009-0689

2009-07-01 00:00:00

cve

CVE-2009-2463

2009-07-22 18:30:00

CVE-2009-1563

2009-10-29 14:30:00

seebug

Mozilla Firefox浮点转换堆溢出漏洞

2009-10-31 00:00:00

Mozilla Firefox and Thunderbird Remote Integer Overflow Vulnerability

2010-03-19 00:00:00

K-Meleon 1.5.3 Remote Array Overrun

2009-11-19 00:00:00

securityvulns

Secunia Research: Mozilla Firefox Floating Point Memory Allocation Vulnerability

2009-10-28 00:00:00

Mozilla Foundation Security Advisory 2009-59

2009-10-28 00:00:00

KDE KDELibs 4.3.3 Remote Array Overrun (Arbitrary code execution)

2009-11-20 00:00:00

veracode

Denial Of Service (DoS)

2020-04-10 00:36:28

prion

Integer overflow

2009-07-22 18:30:00

checkpoint_advisories

Mozilla Firefox Floating Point Number Conversion Memory Corruption (CVE-2009-1563)

2010-05-12 00:00:00

exploitpack

K-Meleon 1.5.3 - Remote Array Overrun

2009-11-19 00:00:00

SeaMonkey 1.1.8 - Remote Array Overrun

2009-11-19 00:00:00

KDE KDELibs 4.3.3 - Remote Array Overrun

2009-11-19 00:00:00

packetstorm

K-Meleon 1.5.3 Remote Array Overrun

2009-11-20 00:00:00

SeaMonkey 1.1.0 Remote Array Overrun

2009-11-20 00:00:00

Opera 10.01 Remote Array Overrun

2009-11-20 00:00:00

exploitdb

SeaMonkey 1.1.8 - Remote Array Overrun

2009-11-19 00:00:00

KDE KDELibs 4.3.3 - Remote Array Overrun

2009-11-19 00:00:00

Opera 10.01 - Remote Array Overrun

2009-11-19 00:00:00

oraclelinux

seamonkey security update

2009-07-22 00:00:00

seamonkey security update

2009-10-28 00:00:00

redhat

(RHSA-2009:1163) Critical: seamonkey security update

2009-07-21 00:00:00

(RHSA-2009:1531) Critical: seamonkey security update

2009-10-27 00:00:00

centos

seamonkey security update

2009-07-22 22:37:56

seamonkey security update

2009-10-28 13:15:48

mozilla

Crashes with evidence of memory corruption (rv:1.9.1/1.9.0.12) — Mozilla

2009-07-21 00:00:00

Fixes for potentially exploitable crashes ported to the legacy branch — Mozilla

2010-03-16 00:00:00

osv

icedove - several vulnerabilities

2010-03-31 00:00:00

xulrunner - several vulnerabilities

2009-07-23 00:00:00

ubuntu

Firefox and Xulrunner vulnerabilities

2009-07-22 00:00:00

Thunderbird vulnerabilities

2010-03-18 00:00:00

fedora

[SECURITY] Fedora 10 Update: Miro-2.0.5-2.fc10

2009-07-23 19:14:52

[SECURITY] Fedora 10 Update: gnome-web-photo-0.3-20.fc10

2009-07-23 19:14:52

[SECURITY] Fedora 10 Update: gecko-sharp2-0.13-10.fc10

2009-07-23 19:14:52

suse

remote code execution in MozillaFirefox

2009-07-27 13:06:57

remote code execution in MozillaFirefox

2009-08-06 11:30:16

freebsd

mozilla -- multiple vulnerabilities

2010-03-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.116 Low

EPSS

Percentile

94.4%

JSON

Related for OSV:DSA-1931-1