CVE-2005-0989

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Navigator; Mozilla
Vendor: CVE Published:; 2 May 2005

Summary

The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.

References

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

http://www.redhat.com/support/errata/RHSA-2005-386.html

vendor-advisoryx_refsource_REDHAT

http://www.securityfocus.com/bid/12988

vdb-entryx_refsource_BID

EPSS Score

61% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 6, 2005