vendor:
Mozilla Suite/Firefox/K-Meleon/Camino
by:
SecurityFocus
7.5
CVSS
HIGH
Memory Disclosure
200
CWE
Product Name: Mozilla Suite/Firefox/K-Meleon/Camino
Affected Version From: Mozilla 1.7.6, Firefox 1.0.1, K-Meleon 0.9, Camino 0.8.3
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2005
Mozilla Suite/Firefox Memory Disclosure Vulnerability
Due to an error in the way 'replace()' handles lambda expressions, a remote attacker can access arbitrary heap memory from a vulnerable client. Information harvested in this manner could then aid in further attacks launched against the vulnerable computer (such as memory-corruption exploits).
Mitigation:
Upgrade to the latest version of Mozilla Suite/Firefox/K-Meleon/Camino.