CVE-2005-0255
Published: 2 May 2005
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.
Priority
Status
Package | Release | Status |
---|---|---|
mozilla Launchpad, Ubuntu, Debian |
gutsy |
Does not exist
|
dapper |
Not vulnerable
|
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Does not exist
|
|
upstream |
Needs triage
|
|
mozilla-thunderbird Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
gutsy |
Does not exist
|
|
upstream |
Needs triage
|