RHEL 4 : nspr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nspr: heap-buffer overflow in PLARENAALLOCATE MFSA 2015-133 CVE-2015-7183 Note that Nessus has not tested for this...

Integer overflow

Integer overflow in the PLARENAALLOCATE implementation in Netscape Portable Runtime NSPR in Mozilla Network Security Services NSS before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other products, allows remote attackers to execute...

CVE-2015-7183

CVE-2015-7183 is an integer overflow in the PL_ARENA_ALLOCATE path of Netscape Portable Runtime (NSPR) used by NSS. Affected NSS/NSPR versions include NSS prior to 3.19.2.1 and 3.20.x prior to 3.20.1 (as used by Firefox before 42.0 and Firefox ESR 38.x before 38.4, among others). The flaw may all...

nspr: heap-buffer overflow in PL_ARENA_ALLOCATE (MFSA 2015-133)

A heap-based buffer overflow was found in NSPR. An attacker could use this flaw to cause NSPR to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSPR library...