CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1951 – Debian Security Advisory 3687-1
https://notcve.org/view.php?id=CVE-2016-1951
11 Jul 2016 — Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function. Múltiples desbordamientos de entero en io/prprf.c en Mozilla Netscape Portable Runtime (NSPR) en versiones anteriores a 4.12 permite a atacantes remotos provocar una denegación de servicio (desbordamiento de búfer) o posiblemente tener otro impacto no especif... • http://www.securityfocus.com/bid/92385 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 3%CPEs: 45EXPL: 0CVE-2014-1545 – Mozilla: Out of bounds write in NSPR (MFSA 2014-55)
https://notcve.org/view.php?id=CVE-2014-1545
11 Jun 2014 — Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. Mozilla Netscape Portable Runtime (NSPR) anterior a 4.10.6 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (escritura fuera de rango) a través de vectores que involucren las funciones sprintf y console. An out-of-bounds write flaw was found in NSPR. A remo... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 172EXPL: 0CVE-2013-5607 – nspr: Avoid unsigned integer wrapping in PL_ArenaAllocate (MFSA 2013-103)
https://notcve.org/view.php?id=CVE-2013-5607
20 Nov 2013 — Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. Desbordamiento de enteros en la función de PL_ArenaAllocate en Mozilla Netscape Portable Runtime (NSPR... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 • CWE-189: Numeric Errors •