mozilla -- javascript "lambda" replace exposes memory contents
Description:
A Mozilla Foundation Security Advisory reports:
A bug in JavaScript's regular expression string
replacement when using an anonymous function as the
replacement argument allows a malicious script to capture
blocks of memory allocated to the browser. A web site
could capture data and transmit it to a server without
user interaction or knowledge.
Workaround: Disable JavaScript
Affects:
- firefox <1.0.3,1
- linux-firefox <1.0.3
- mozilla <1.7.7,2
- mozilla >=1.8.*,2
- linux-mozilla <1.7.7
- linux-mozilla >=1.8.*
- linux-mozilla-devel <1.7.7
- linux-mozilla-devel >=1.8.*
- netscape7 >=0
- de-linux-mozillafirebird >=0
- el-linux-mozillafirebird >=0
- ja-linux-mozillafirebird-gtk1 >=0
- ja-mozillafirebird-gtk2 >=0
- linux-mozillafirebird >=0
- ru-linux-mozillafirebird >=0
- zhCN-linux-mozillafirebird >=0
- zhTW-linux-mozillafirebird >=0
- de-linux-netscape >=0
- de-netscape7 >=0
- fr-linux-netscape >=0
- fr-netscape7 >=0
- ja-linux-netscape >=0
- ja-netscape7 >=0
- linux-netscape >=0
- linux-phoenix >=0
- mozilla+ipv6 >=0
- mozilla-embedded >=0
- mozilla-firebird >=0
- mozilla-gtk1 >=0
- mozilla-gtk2 >=0
- mozilla-gtk >=0
- mozilla-thunderbird >=0
- phoenix >=0
- pt_BR-netscape7 >=0
Disclaimer: The data contained on this page is derived from the VuXML document;
please refer to the original document for copyright information. The author of
portaudit makes no claim of authorship or ownership of any of the information contained herein.
If you have found a vulnerability in a FreeBSD port not listed in the
database, please contact the FreeBSD Security Officer. Refer to
"FreeBSD Security Information" for more information.
Oliver Eikemeier <eik@FreeBSD.org>