Vulnerability in Mozilla Firefox
CVE-2005-0989
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
EPSS: 0.100 (95.0th percentile) — read the EPSS interpretation.
Affected products
- Mozilla Firefox — versions 1.0.1, 1.0.2
- Mozilla — versions 1.7.6
- Netscape Navigator — versions 7.2
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_OVAL, signature, vdb-entry)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory, Patch, Vendor Advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (Exploit, Patch, x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
- cve@mitre.org (vendor-advisory, Patch, x_refsource_GENTOO, Vendor Advisory)
- cve@mitre.org (Exploit, vdb-entry, x_refsource_SECTRACK)