Wind River Support Network

HomeDefectsLIN7-298
Fixed

LIN7-298 : Security Advisory - nspr - CVE-2014-1545

Created: Jul 23, 2014    Updated: Mar 4, 2016
Resolved Date: Jul 28, 2014
Fix Version: 7.0
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Userspace

Description

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.Per: http://cwe.mitre.org/data/definitions/787.html

CWE-787: Out-of-bounds Write

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1545
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube