Launchpad.net

CVE 2014-1545

Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions.

Related bugs and status

CVE-2014-1545 (Candidate) is related to these bugs:

Bug #469752: firefox,3.5/3.6 startup-notification bug

		In	Importance	Status
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu)	Medium	Invalid
469752	firefox,3.5/3.6 startup-notification bug	Mozilla Firefox	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Suse)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox (Ubuntu Lucid)	Medium	Fix Released
469752	firefox,3.5/3.6 startup-notification bug	firefox-3.5 (Ubuntu Lucid)	Medium	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.mozilla.org...
CONFIRM: https://bugzilla.mozil...
CONFIRM: https://bugzilla.redha...
BID: 67975
SECUNIA: 58984
SECUNIA: 59229
SECUNIA: 59275
SECUNIA: 59318
SUSE: openSUSE-SU-2014:0855
SUSE: openSUSE-SU-2014:0858
UBUNTU: USN-2265-1
SECUNIA: 59614
SECUNIA: 59377
SECUNIA: 59387
SECTRACK: 1030404
CONFIRM: http://www.oracle.com/...
CONFIRM: http://www.oracle.com/...
GENTOO: GLSA-201504-01
SECUNIA: 59425
SECUNIA: 59486
CONFIRM: http://kb.juniper.net/...
DEBIAN: DSA-2955
DEBIAN: DSA-2960
DEBIAN: DSA-2962
SUSE: SUSE-SU-2014:0824
SUSE: openSUSE-SU-2014:0797
SUSE: openSUSE-SU-2014:0819