Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2010/11/10 7:0 p.m.5 views

Mozilla dangling pointer vulnerability in LookupGetterOrSetter

The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.lookupGetter function calls that lack arguments, which allows remote attackers to...

9.3CVSS7.8AI score0.06451EPSS
Exploits1References4
Prion
Prion
added 2010/10/21 7:0 p.m.26 views

Null pointer dereference

The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.lookupGetter function calls that lack arguments, which allows remote attackers to...

9.3CVSS8.2AI score0.06451EPSS
Exploits1References19Affected Software3
RedHat Linux
RedHat Linux
added 2010/10/19 11:20 p.m.7 views

Mozilla dangling pointer vulnerability in LookupGetterOrSetter

The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.lookupGetter function calls that lack arguments, which allows remote attackers to...

9.3CVSS7.8AI score0.06451EPSS
Exploits1References4
Mozilla
Mozilla
added 2010/10/19 12:0 a.m.43 views

Dangling pointer vulnerability in LookupGetterOrSetter — Mozilla

Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that when window.lookupGetter is called with no arguments the code assumes the top JavaScript stack value is a property name. Since there were no arguments passed into the function, the top value could represent...

9.3CVSS1.7AI score0.06451EPSS
Exploits1References2Affected Software3
Rows per page
Query Builder