3 matches found
CVE-2014-1545
CVE-2014-1545 : Mozilla’s Netscape Portable Runtime (NSPR) prior to 4.10.6 contains an out-of-bounds write in the sprintf/console paths that can enable remote arbitrary code execution or a denial of service. IBM advisories (for IBM FlashSystem/Storwize families) reiterate impact and provide remed...
CVE-2013-5607
CVE-2013-5607 describes an integer overflow in Mozilla NSPR’s PL_ArenaAllocate, exploited via crafted X.509 certificates to trigger a crash (possible other impact) in affected Firefox/SeaMonkey builds. Affected products include Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11, Firefox 24.x ...
CVE-2016-1951
CVE-2016-1951 affects Mozilla Netscape Portable Runtime (NSPR) before 4.12. The issue arises from multiple integer overflows in io/prprf.c during long PR_*printf-style strings, which can lead to a denial of service through a buffer overflow and could have other unspecified impacts. Affected produ...