Vulnerability Name:

CVE-2005-0989 (CCN-19943)

Assigned:2005-04-04
Published:2005-04-04
Updated:2018-05-03
Summary:The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.2 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Obtain Information
References:Source: SCO
Type: UNKNOWN
SCOSA-2005.49

Source: MITRE
Type: CNA
CVE-2005-0989

Source: CCN
Type: RHSA-2005-383
firefox security update

Source: CCN
Type: RHSA-2005-384
Mozilla security update

Source: CCN
Type: RHSA-2005-386
Mozilla security update

Source: CCN
Type: RHSA-2005-601
thunderbird security update

Source: CCN
Type: SA14820
Mozilla Firefox JavaScript Engine Information Disclosure Vulnerability

Source: SECUNIA
Type: Exploit, Patch, Vendor Advisory
14820

Source: CCN
Type: SA14821
Mozilla Suite JavaScript Engine Information Disclosure Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
14821

Source: SECUNIA
Type: Vendor Advisory
19823

Source: CCN
Type: SECTRACK ID: 1013635
Mozilla Firefox Javascript Regex Parsing Error Discloses Memory to Remote Users

Source: SECTRACK
Type: Exploit
1013635

Source: CCN
Type: SECTRACK ID: 1013643
Netscape Browser Javascript Regex Parsing Error Discloses Memory to Remote Users

Source: SECTRACK
Type: Exploit
1013643

Source: CCN
Type: CIAC INFORMATION BULLETIN P-190
Firefox Security Bugs

Source: CCN
Type: CIAC INFORMATION BULLETIN P-193
Mozilla Security Bugs

Source: DEBIAN
Type: DSA-781
mozilla-thunderbird -- several vulnerabilities

Source: CCN
Type: GLSA-200504-18
Mozilla Firefox, Mozilla Suite: Multiple vulnerabilities

Source: GENTOO
Type: Patch, Vendor Advisory
GLSA-200504-18

Source: CCN
Type: GLSA-200507-17
Mozilla Thunderbird: Multiple vulnerabilities

Source: CCN
Type: Mozilla CVS Repository Web site
source code via cvs

Source: CCN
Type: Mozilla Firefox Download Web page
Firefox - Rediscover the web

Source: CCN
Type: MFSA 2005-33
Javascript "lambda" replace exposes memory contents

Source: CONFIRM
Type: Vendor Advisory
http://www.mozilla.org/security/announce/mfsa2005-33.html

Source: SUSE
Type: UNKNOWN
SUSE-SA:2006:004

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:383

Source: REDHAT
Type: UNKNOWN
RHSA-2005:384

Source: REDHAT
Type: Patch, Vendor Advisory
RHSA-2005:386

Source: REDHAT
Type: UNKNOWN
RHSA-2005:601

Source: BID
Type: UNKNOWN
12988

Source: CCN
Type: BID-12988
Mozilla Suite/Firefox JavaScript Lambda Replace Heap Memory Disclosure Vulnerability

Source: BID
Type: UNKNOWN
15495

Source: CCN
Type: BID-15495
SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - Multiple Vulnerabilities Fixed

Source: CCN
Type: USN-149-3
Ubuntu 4.10 update for Firefox vulnerabilities

Source: CCN
Type: USN-157-1
Mozilla Thunderbird vulnerabilities

Source: CCN
Type: USN-157-2
Updated Mozilla Thunderbird Enigmail plugin for Ubuntu 4.10

Source: CCN
Type: Bugzilla Bug 288688
JS "lambda" replace exposes malloc heap space after end of JS string

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=288688

Source: XF
Type: UNKNOWN
mozilla-lambda-information-disclosure(19943)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:100025

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11706

Source: SUSE
Type: SUSE-SA:2005:028
Mozilla Firefox: various security problems

Source: SUSE
Type: SUSE-SA:2006:022
MozillaThunderbird various problems

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:mozilla:1.7.6:*:*:*:*:*:*:*
  • OR cpe:/a:netscape:navigator:7.2:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:netscape:navigator:7.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:mozilla:1.7.6:*:*:*:*:*:*:*
  • AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:8.2:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:novell:linux_desktop:9:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:10.0::oss:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20050989
    V
    CVE-2005-0989
    2015-11-16
    oval:org.mitre.oval:def:11706
    V
    The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
    2013-04-29
    oval:org.mitre.oval:def:100025
    V
    Mozilla Javascript "lambda"
    2007-05-09
    oval:org.debian:def:781
    V
    several vulnerabilities
    2005-08-23
    oval:com.redhat.rhsa:def:20050601
    P
    RHSA-2005:601: thunderbird security update (Important)
    2005-07-21
    oval:com.redhat.rhsa:def:20050384
    P
    RHSA-2005:384: Mozilla security update (Important)
    2005-04-28
    oval:com.redhat.rhsa:def:20050386
    P
    RHSA-2005:386: Mozilla security update (Important)
    2005-04-26
    oval:com.redhat.rhsa:def:20050383
    P
    RHSA-2005:383: firefox security update (Important)
    2005-04-21
    BACK
    mozilla firefox 1.0.1
    mozilla firefox 1.0.2
    mozilla mozilla 1.7.6
    netscape navigator 7.2
    netscape navigator 7.2
    mozilla firefox 1.0.1
    mozilla firefox 1.0.2
    mozilla mozilla 1.7.6
    gentoo linux *
    suse linux enterprise server 8
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    suse suse linux 8.2
    suse suse linux 9.0
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    suse suse linux 9.1
    redhat enterprise linux 3
    suse suse linux 9.2
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    novell linux desktop 9
    redhat enterprise linux 4
    redhat enterprise linux 4
    debian debian linux 3.1
    suse suse linux 10.0
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    suse suse linux 9.3