FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-0989

This CVE name corresponds to:

Entered Topic
2005-04-16 mozilla -- javascript "lambda" replace exposes memory contents

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2005-0989 at cve.mitre.org

Details

Type Candidate
Name CVE-2005-0989
Phase Assigned(20050406)

Description

The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.

References

Source Reference
CONFIRM http://www.mozilla.org/security/announce/mfsa2005-33.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=288688
GENTOO GLSA-200504-18
HP HPSBUX01133
HP SSRT5940
REDHAT RHSA-2005:383
REDHAT RHSA-2005:386
REDHAT RHSA-2005:384
REDHAT RHSA-2005:601
SCO SCOSA-2005.49
SUSE SUSE-SA:2006:022
SUSE SUSE-SA:2006:004
BID 15495
BID 12988
OVAL oval:org.mitre.oval:def:100025
OVAL oval:org.mitre.oval:def:11706
SECTRACK 1013635
SECTRACK 1013643
SECUNIA 14820
SECUNIA 14821
SECUNIA 19823

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.