CVE-2005-1159

Properties

Published:
01.05.2005
Updated:
22.08.2010
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Product:
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla
mozilla: mozilla

Vulnerability description

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.

References:

CONFIRM: https://bugzilla.mozilla.org/show_bug.cgi?id=290162
XF: http://xforce.iss.net/xforce/xfdb/20123
BID: http://www.securityfocus.com/bid/13232
REDHAT: http://www.redhat.com/support/errata/RHSA-2005-386.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2005-383.html
GENTOO: http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml
SECTRACK: http://securitytracker.com/id?1013743
SECTRACK: http://securitytracker.com/id?1013742
SECUNIA: http://secunia.com/advisories/14992
SECUNIA: http://secunia.com/advisories/14938
CONFIRM: http://www.mozilla.org/security/announce/mfsa2005-40.html
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10629
BID: http://www.securityfocus.com/bid/15495
REDHAT: http://www.redhat.com/support/errata/RHSA-2005-601.html
REDHAT: http://www.redhat.com/support/errata/RHSA-2005-384.html
SUSE: http://www.novell.com/linux/security/advisories/2006_04_25.html
SECUNIA: http://secunia.com/advisories/19823
SCO: ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100018