nspr: remote arbitrary code execution or DoS (CVE-2014-1545)
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.
•CONFIRM:
http://www.mozilla.org/security/announce/2014/mfsa2014-55.html
•CONFIRM: https://bugzilla.mozilla.org/show\_bug.cgi?id=1018783
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1107432
•BID:67975
•URL: http://www.securityfocus.com/bid/67975
•SECUNIA:58984
•URL: http://secunia.com/advisories/58984
(from redmine: issue id 3062, created on 2014-06-20, closed on 2014-06-24)
- Relations:
- child #3063 (closed)
- child #3064 (closed)
- child #3065 (closed)
- child #3066 (closed)