CVE-2005-1159
Gravedad CVSS v2.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
02/05/2005
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type.
Impacto
Puntuación base 2.0
7.50
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:firefox:1.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:mozilla:1.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:mozilla:1.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:mozilla:1.4:alpha:*:*:*:*:*:* | ||
| cpe:2.3:a:mozilla:mozilla:1.4.1:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
- http://secunia.com/advisories/14938
- http://secunia.com/advisories/14992
- http://secunia.com/advisories/19823
- http://securitytracker.com/id?1013742=
- http://securitytracker.com/id?1013743=
- http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml
- http://www.mozilla.org/security/announce/mfsa2005-40.html
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.redhat.com/support/errata/RHSA-2005-383.html
- http://www.redhat.com/support/errata/RHSA-2005-384.html
- http://www.redhat.com/support/errata/RHSA-2005-386.html
- http://www.redhat.com/support/errata/RHSA-2005-601.html
- http://www.securityfocus.com/bid/13232
- http://www.securityfocus.com/bid/15495
- https://bugzilla.mozilla.org/show_bug.cgi?id=290162
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20123
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
- http://secunia.com/advisories/14938
- http://secunia.com/advisories/14992
- http://secunia.com/advisories/19823
- http://securitytracker.com/id?1013742=
- http://securitytracker.com/id?1013743=
- http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml
- http://www.mozilla.org/security/announce/mfsa2005-40.html
- http://www.novell.com/linux/security/advisories/2006_04_25.html
- http://www.redhat.com/support/errata/RHSA-2005-383.html
- http://www.redhat.com/support/errata/RHSA-2005-384.html
- http://www.redhat.com/support/errata/RHSA-2005-386.html
- http://www.redhat.com/support/errata/RHSA-2005-601.html
- http://www.securityfocus.com/bid/13232
- http://www.securityfocus.com/bid/15495
- https://bugzilla.mozilla.org/show_bug.cgi?id=290162
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20123
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A100018
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10629