You are here: Known Vulnerabilities in Mozilla Products (Firefox 1.0.1) > MFSA 2005-18
Mozilla Foundation Security Advisory 2005-18
Title: Memory overwrite in string library
Severity: High
Risk: Low
Reporter: Daniel de Wildt
Products: Firefox, Thunderbird, Mozilla Suite
Fixed in: Firefox 1.0.1
Thunderbird 1.0.2
Mozilla Suite 1.7.6
Description
Daniel de Wildt discovered a memory handling flaw in Mozilla string classes that could overwrite memory at a fixed location if reallocation fails during string growth. This could theoretically lead to arbitrary code execution. Creating the exact conditions for exploitation--including running out of memory at just the right moment--is unlikely.
This flaw was independently discovered by Gaël Delalleau and reported by iDEFENSE
Workaround
Upgrade to a fixed version
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=277549
- http://www.idefense.com/application/poi/display?id=200&type=vulnerabilities