Mozilla Foundation Security Advisory 2014-55

Out of bounds write in NSPR

Announced
June 10, 2014
Reporter
Abhishek Arya
Impact
Critical
Products
Netscape Portable Runtime
Fixed in
  • Netscape Portable Runtime 4.10.6

Description

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team reported an out of bounds write in the Netscape Portable Runtime (NSPR) leading to a potentially exploitable crash or code execution. This issue is fixed in NSPR version 4.10.6.

This NSPR flaw was not exposed to web content in any shipped version of Firefox.

References