Oval Definition:	oval:org.mitre.oval:def:100040
Revision Date: 2007-05-09 Version: 5 Title: Mozilla String Library Memory Overwrite Vulnerability Description: String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2005-0255 Platform(s): Microsoft Windows 2000 Microsoft Windows NT Microsoft Windows Server 2003 Microsoft Windows XP Product(s): mozilla Mozilla Firefox Mozilla Thunderbird Definition Synopsis Mozilla Firefox version 1.0 or earlier is installed Firefox version 1.0 or earlier is installed AND Mozilla Firefox version 1.0 or earlier is installed OR Mozilla Thunderbird version 1.0 or earlier is installed Mozilla Thunderbird version 1.0 or earlier is installed AND Mozilla Thunderbird version 1.0 or earlier is installed OR Mozilla Suite version 1.7.5 or earlier is installed Mozilla Suite version 1.7.5 or earlier is installed AND Mozilla Suite version 1.7.5 or earlier is installed
BACK