Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Netscape Portable Runtime (NSPR)

Arbitrary Code Execution and Denial of Service Vulnerability in Mozilla Netscape Portable Runtime (NSPR)

CVE-2014-1545 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.

Learn more about our Web Application Penetration Testing UK.