CVE-2005-0989
Mozilla Suite/Firefox/Netscape <1.7.6-1.0.2 - Info Disclosure
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-0989. PoCs published by Daniel McNeil.
AI-analyzed exploit summary This exploit leverages a memory-disclosure vulnerability in Mozilla Suite/Firefox due to improper handling of lambda expressions in the 'replace()' function. It allows a remote attacker to access arbitrary heap memory, aiding in further attacks like memory-corruption exploits.
Description
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method.
Exploits (1)
This exploit leverages a memory-disclosure vulnerability in Mozilla Suite/Firefox due to improper handling of lambda expressions in the 'replace()' function. It allows a remote attacker to access arbitrary heap memory, aiding in further attacks like memory-corruption exploits.