High severity8.6NVD Advisory· Published Aug 7, 2016· Updated May 6, 2026

CVE-2016-1951

Description

Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.mozilla.org/show_bug.cginvdIssue Tracking
groups.google.com/forum/message/rawnvdMailing List
www.securityfocus.com/bid/92385nvd
www.securitytracker.com/id/1036590nvd
www.ubuntu.com/usn/USN-3023-1nvd
hg.mozilla.org/projects/nspr/rev/96381e3aaae2nvd

News mentions

No linked articles in our index yet.

cvss	0.559
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000