oval:org.mitre.oval:def:100040
Definition Id: oval:org.mitre.oval:def:100040 | |||
Oval ID: | oval:org.mitre.oval:def:100040 | ||
Title: | Mozilla String Library Memory Overwrite Vulnerability | ||
Description: | String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2005-0255 | Version: | 5 |
Platform(s): | Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | mozilla Mozilla Firefox Mozilla Thunderbird |
Definition Synopsis: | |||
|