CVE-2005-1159

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.
References
Link Resource
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://secunia.com/advisories/14938 Patch Vendor Advisory
http://secunia.com/advisories/14992 Patch Vendor Advisory
http://secunia.com/advisories/19823
http://securitytracker.com/id?1013742 Patch
http://securitytracker.com/id?1013743 Patch
http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml Patch Vendor Advisory
http://www.mozilla.org/security/announce/mfsa2005-40.html Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.redhat.com/support/errata/RHSA-2005-383.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-384.html
http://www.redhat.com/support/errata/RHSA-2005-386.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-601.html
http://www.securityfocus.com/bid/13232 Patch
http://www.securityfocus.com/bid/15495
https://bugzilla.mozilla.org/show_bug.cgi?id=290162 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/20123
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
http://secunia.com/advisories/14938 Patch Vendor Advisory
http://secunia.com/advisories/14992 Patch Vendor Advisory
http://secunia.com/advisories/19823
http://securitytracker.com/id?1013742 Patch
http://securitytracker.com/id?1013743 Patch
http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml Patch Vendor Advisory
http://www.mozilla.org/security/announce/mfsa2005-40.html Vendor Advisory
http://www.novell.com/linux/security/advisories/2006_04_25.html
http://www.redhat.com/support/errata/RHSA-2005-383.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-384.html
http://www.redhat.com/support/errata/RHSA-2005-386.html Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-601.html
http://www.securityfocus.com/bid/13232 Patch
http://www.securityfocus.com/bid/15495
https://bugzilla.mozilla.org/show_bug.cgi?id=290162 Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/20123
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.5:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.5:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.5:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.6:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.6:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:alpha:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:beta:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7:rc3:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7.5:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.7.6:*:*:*:*:*:*:*

History

20 Nov 2024, 23:56

Type Values Removed Values Added
References () ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt - () ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt -
References () http://secunia.com/advisories/14938 - Patch, Vendor Advisory () http://secunia.com/advisories/14938 - Patch, Vendor Advisory
References () http://secunia.com/advisories/14992 - Patch, Vendor Advisory () http://secunia.com/advisories/14992 - Patch, Vendor Advisory
References () http://secunia.com/advisories/19823 - () http://secunia.com/advisories/19823 -
References () http://securitytracker.com/id?1013742 - Patch () http://securitytracker.com/id?1013742 - Patch
References () http://securitytracker.com/id?1013743 - Patch () http://securitytracker.com/id?1013743 - Patch
References () http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml - Patch, Vendor Advisory () http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml - Patch, Vendor Advisory
References () http://www.mozilla.org/security/announce/mfsa2005-40.html - Vendor Advisory () http://www.mozilla.org/security/announce/mfsa2005-40.html - Vendor Advisory
References () http://www.novell.com/linux/security/advisories/2006_04_25.html - () http://www.novell.com/linux/security/advisories/2006_04_25.html -
References () http://www.redhat.com/support/errata/RHSA-2005-383.html - Patch, Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2005-383.html - Patch, Vendor Advisory
References () http://www.redhat.com/support/errata/RHSA-2005-384.html - () http://www.redhat.com/support/errata/RHSA-2005-384.html -
References () http://www.redhat.com/support/errata/RHSA-2005-386.html - Patch, Vendor Advisory () http://www.redhat.com/support/errata/RHSA-2005-386.html - Patch, Vendor Advisory
References () http://www.redhat.com/support/errata/RHSA-2005-601.html - () http://www.redhat.com/support/errata/RHSA-2005-601.html -
References () http://www.securityfocus.com/bid/13232 - Patch () http://www.securityfocus.com/bid/13232 - Patch
References () http://www.securityfocus.com/bid/15495 - () http://www.securityfocus.com/bid/15495 -
References () https://bugzilla.mozilla.org/show_bug.cgi?id=290162 - Patch () https://bugzilla.mozilla.org/show_bug.cgi?id=290162 - Patch
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/20123 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/20123 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629 -

Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:56


NVD link : CVE-2005-1159

Mitre link : CVE-2005-1159

CVE.ORG link : CVE-2005-1159


JSON object : View

Products Affected

mozilla

  • firefox
  • mozilla