Search for vulnerabilities
Vulnerability details: VCID-8z64-29q3-aaac
Vulnerability ID VCID-8z64-29q3-aaac
Aliases CVE-2016-1951
Summary Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function.
Status Published
Exploitability 0.5
Weighted Severity 7.7
Risk 3.9
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-190 Integer Overflow or Wraparound
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1951.html
epss 0.00786 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.00823 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.01594 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02130 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02130 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02130 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02130 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
epss 0.02548 https://api.first.org/data/v1/epss?cve=CVE-2016-1951
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1311126
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951
cvssv2 5.8 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual Medium https://groups.google.com/forum/#!topic/mozilla.dev.tech.nspr/dV4MyMsg6jw
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2016-1951
cvssv3 8.6 https://nvd.nist.gov/vuln/detail/CVE-2016-1951
archlinux Medium https://security.archlinux.org/AVG-933
generic_textual Medium https://ubuntu.com/security/notices/USN-3023-1
generic_textual Medium https://ubuntu.com/security/notices/USN-3028-1
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1951.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1951.json
https://api.first.org/data/v1/epss?cve=CVE-2016-1951
https://bugzilla.mozilla.org/show_bug.cgi?id=1174015
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1951
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/dV4MyMsg6jw/hhWcXOgJDQAJ
https://groups.google.com/forum/#!topic/mozilla.dev.tech.nspr/dV4MyMsg6jw
https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2
https://ubuntu.com/security/notices/USN-3023-1
https://ubuntu.com/security/notices/USN-3028-1
http://www.securityfocus.com/bid/92385
http://www.securitytracker.com/id/1036590
http://www.ubuntu.com/usn/USN-3023-1
1311126 https://bugzilla.redhat.com/show_bug.cgi?id=1311126
AVG-933 https://security.archlinux.org/AVG-933
cpe:2.3:a:mozilla:netscape_portable_runtime:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:netscape_portable_runtime:*:*:*:*:*:*:*:*
CVE-2016-1951 https://nvd.nist.gov/vuln/detail/CVE-2016-1951
USN-3023-1 https://usn.ubuntu.com/3023-1/
USN-3028-1 https://usn.ubuntu.com/3028-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-1951
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-1951
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.72788
EPSS Score 0.00786
Published At June 25, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.