CVSS: 8.6EPSS: 2%CPEs: 1EXPL: 0CVE-2016-1951
https://notcve.org/view.php?id=CVE-2016-1951
Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function. Múltiples desbordamientos de entero en io/prprf.c en Mozilla Netscape Portable Runtime (NSPR) en versiones anteriores a 4.12 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer) o posiblemente tener otro impacto no especificado a través de una cadena larga a una función PR_*printf. • http://www.securityfocus.com/bid/92385 http://www.securitytracker.com/id/1036590 http://www.ubuntu.com/usn/USN-3023-1 https://bugzilla.mozilla.org/show_bug.cgi?id=1174015 https://groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/dV4MyMsg6jw/hhWcXOgJDQAJ https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 7%CPEs: 45EXPL: 0CVE-2014-1545 – Mozilla: Out of bounds write in NSPR (MFSA 2014-55)
https://notcve.org/view.php?id=CVE-2014-1545
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. Mozilla Netscape Portable Runtime (NSPR) anterior a 4.10.6 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (escritura fuera de rango) a través de vectores que involucren las funciones sprintf y console. An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00019.html http://lists.opensuse.org/opensuse-security-announce/2014-06/msg00023.html http://lists.opensuse.org/opensuse-updates/2014-06/msg00040.html http://lists.opensuse.org/opensuse-updates/2014-07/msg00001.html http://lists.opensuse.org/opensuse-updates/2014-07/msg00004.html http://secunia.com/advisories/58984 http://secunia.com/advisories/59229 http://secunia&# • CWE-787: Out-of-bounds Write •