Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0989

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-0989
Last Modified 11 Jul 2011 12:00:00
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0989

Summary

The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.

Vulnerable Systems

Application

  • Mozilla 1.7.6

  • Mozilla Firefox 1.0.1

  • Mozilla Firefox 1.0.2

  • Netscape Navigator 7.2


References

REDHAT - RHSA-2005:386

REDHAT - RHSA-2005:383

GENTOO - GLSA-200504-18

SECUNIA - 14821

SECUNIA - 14820

CONFIRM - https://bugzilla.mozilla.org/show_bug.cgi?id=288688

BID - 15495

BID - 12988

REDHAT - RHSA-2005:601

REDHAT - RHSA-2005:384

SUSE - SUSE-SA:2006:022

SUSE - SUSE-SA:2006:004

CONFIRM - http://www.mozilla.org/security/announce/mfsa2005-33.html

SECTRACK - 1013643

SECTRACK - 1013635

SECUNIA - 19823

SCO - SCOSA-2005.49


Last Updated: 27 May 2016 10:40:00