CVE-2005-0255 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2005-0255
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-0255

Description: String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.

CVE Status: Candidate

References: SUSE http://www.novell.com/linux/security/advisories/2005_16_mozilla_firefox.html http://www.novell.com/linux/security/advisories/2006_04_25.html SAID Secunia Advisory: SA19823 REDHAT http://www.redhat.com/support/errata/RHSA-2005-277.html http://www.redhat.com/support/errata/RHSA-2005-176.html http://www.redhat.com/support/errata/RHSA-2005-337.html OVAL http://oval.mitre.org/oval/definitions/data/oval100040.html IDEFENSE http://www.idefense.com/application/poi/display?id=200&type=vulnerabilities GENTOO http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml http://www.gentoo.org/security/en/glsa/glsa-200503-30.xml CONFIRM http://www.mozilla.org/security/announce/mfsa2005-18.html BID 12659

Return to the previous page.