CVE-2005-1159 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-1159
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-1159

Description: The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/20123 SUSE http://www.novell.com/linux/security/advisories/2006_04_25.html ST 1013743 1013742 SCO SAID Secunia Advisory: SA14992 Secunia Advisory: SA19823 Secunia Advisory: SA14938 REDHAT http://www.redhat.com/support/errata/RHSA-2005-386.html http://www.redhat.com/support/errata/RHSA-2005-601.html http://www.redhat.com/support/errata/RHSA-2005-383.html http://www.redhat.com/support/errata/RHSA-2005-384.html OVAL http://oval.mitre.org/oval/definitions/data/oval100018.html GENTOO http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml CONFIRM http://www.mozilla.org/security/announce/mfsa2005-40.html BID 15495 13232

Return to the previous page.