CVE-2014-1545

Priority
Medium
Description
Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote
attackers to execute arbitrary code or cause a denial of service
(out-of-bounds write) via vectors involving the sprintf and console
functions.
References
Bugs
Assigned-to
mdeslaur
Package
Source: nspr (LP Ubuntu Debian)
Upstream:released (4.10.6)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):released (4.9.5-0ubuntu0.12.04.3)
Ubuntu 13.10 (Saucy Salamander):released (2:4.9.5-1ubuntu1.2)
Ubuntu 14.04 LTS (Trusty Tahr):released (2:4.10.2-1ubuntu1.1)
Ubuntu 14.10 (Utopic Unicorn):released (2:4.10.6-1ubuntu1)
Patches:
Upstream:https://hg.mozilla.org/projects/nspr/rev/74eb616c618e
More Information

Valid XHTML 1.0 Strict

Updated: 2014-07-02 20:14:37 UTC (commit 8199)