Mozilla Foundation Security Advisory 2005-18

Memory overwrite in string library

Announced

February 24, 2005

Reporter

Daniel de Wildt

Risk

Low

Impact

High

Products

Firefox, Mozilla Suite, Thunderbird

Fixed in

Firefox 1.0.1
Mozilla Suite 1.7.6
Thunderbird 1.0.2

Description

Daniel de Wildt discovered a memory handling flaw in Mozilla string classes that could overwrite memory at a fixed location if reallocation fails during string growth. This could theoretically lead to arbitrary code execution. Creating the exact conditions for exploitation--including running out of memory at just the right moment--is unlikely.

This flaw was independently discovered by Gaël Delalleau and reported by iDEFENSE

Workaround

Upgrade to a fixed version

References

https://bugzilla.mozilla.org/show_bug.cgi?id=277549
http://www.idefense.com/application/poi/display?id=200&type=vulnerabilities

Firefox for Desktop

Firefox for Android

Firefox for iOS

Firefox Focus

Firefox Blog

Release Notes

Mozilla Monitor

Facebook Container

Pocket

Mozilla VPN

Firefox Relay

MDN Plus

Fakespot

Mozilla Manifesto

Mozilla Foundation

Leadership

Get involved

Careers

Mozilla Blog

Impact

Firefox Developer Edition

MDN Web Docs

Mozilla Innovation Projects

Common Voice