10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.6 High
AI Score
Confidence
High
0.07 Low
EPSS
Percentile
94.0%
Package : nspr
Version : 4.8.6-1+squeeze2
CVE ID : CVE-2014-1545
Abhiskek Arya discovered an out of bounds write in the cvt_t() function of
the NetScape Portable Runtime Library which could result in the execution
of arbitrary code.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | amd64 | spidermonkey-bin | < 24.6.0esr-1~deb7u1 | spidermonkey-bin_24.6.0esr-1~deb7u1_amd64.deb |
Debian | 7 | armhf | libnspr4-0d | < 2:4.9.2-1+deb7u2 | libnspr4-0d_2:4.9.2-1+deb7u2_armhf.deb |
Debian | 7 | armel | libnspr4-dbg | < 2:4.9.2-1+deb7u2 | libnspr4-dbg_2:4.9.2-1+deb7u2_armel.deb |
Debian | 7 | kfreebsd-i386 | libmozjs24d-dbg | < 24.6.0esr-1~deb7u1 | libmozjs24d-dbg_24.6.0esr-1~deb7u1_kfreebsd-i386.deb |
Debian | 7 | armhf | libnspr4-dbg | < 2:4.9.2-1+deb7u2 | libnspr4-dbg_2:4.9.2-1+deb7u2_armhf.deb |
Debian | 7 | armhf | icedove-dev | < 24.6.0-1~deb7u1 | icedove-dev_24.6.0-1~deb7u1_armhf.deb |
Debian | 6 | amd64 | libnspr4-dev | < 4.8.6-1+squeeze2 | libnspr4-dev_4.8.6-1+squeeze2_amd64.deb |
Debian | 7 | s390x | libmozjs-dev | < 24.6.0esr-1~deb7u1 | libmozjs-dev_24.6.0esr-1~deb7u1_s390x.deb |
Debian | 7 | all | iceweasel-l10n-sv-se | < 1:24.6.0esr-1~deb7u1 | iceweasel-l10n-sv-se_1:24.6.0esr-1~deb7u1_all.deb |
Debian | 7 | s390x | iceowl-extension | < 24.6.0-1~deb7u1 | iceowl-extension_24.6.0-1~deb7u1_s390x.deb |