exploits , vulnerabilities , articles , Mozilla Suite And Firefox XPInstall JavaScript Object Instance Validation Vulnerability

Title	Mozilla Suite And Firefox XPInstall JavaScript Object Instance Validation Vulnerability
Published	2005-04-16-12:00AM
Updated	2005-08-23-02:37PM
Class	Input Validation Error
CVE	CAN-2005-1159
Remote	Yes
Local	No
Credit	Georgi Guninski <guninski@guninski.com> is credited with the discovery of this issue. Juha-Matti Laurio identified this issue in Netscape.
Vulnerable	Ubuntu Ubuntu Linux 5.0 4 powerpc Ubuntu Ubuntu Linux 5.0 4 i386 Ubuntu Ubuntu Linux 5.0 4 amd64 Ubuntu Ubuntu Linux 4.1 ppc Ubuntu Ubuntu Linux 4.1 ia64 Ubuntu Ubuntu Linux 4.1 ia32 SGI ProPack 3.0 SCO Unixware 7.1.4 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Linux Personal 9.3 S.u.S.E. Linux Personal 9.2 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 8.2 S.u.S.E. Linux Enterprise Server 9 S.u.S.E. Linux Enterprise Server 8 S.u.S.E. Linux Desktop 1.0 RedHat Linux 9.0 i386 RedHat Linux 7.3 i686 RedHat Linux 7.3 i386 RedHat Linux 7.3 RedHat Fedora Core4 RedHat Fedora Core3 RedHat Fedora Core2 RedHat Fedora Core1 RedHat Enterprise Linux WS 3 RedHat Enterprise Linux WS 2.1 RedHat Enterprise Linux ES 3 RedHat Enterprise Linux ES 2.1 RedHat Enterprise Linux AS 3 RedHat Enterprise Linux AS 2.1 RedHat Desktop 3.0 RedHat Advanced Workstation for the Itanium Processor 2.1 Netscape Netscape 7.2 Netscape Netscape 7.1 Netscape Netscape 7.0 Netscape Navigator 7.2 Netscape Navigator 7.1 Netscape Navigator 7.0.2 Netscape Navigator 7.0 Mozilla Thunderbird 1.0.2 Mozilla Thunderbird 1.0.1 Mozilla Thunderbird 1.0 Mozilla Thunderbird 0.9 Mozilla Thunderbird 0.8 Mozilla Thunderbird 0.7.3 Mozilla Thunderbird 0.7.2 Mozilla Thunderbird 0.7.1 Mozilla Thunderbird 0.7 Mozilla Thunderbird 0.6 Mozilla Firefox 1.0.2 MandrakeSoft Linux Mandrake 10.2 MandrakeSoft Linux Mandrake 10.2 x86_64 RedHat Desktop 4.0 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux WS 4 Mozilla Firefox 1.0.1 RedHat Fedora Core3 Mozilla Firefox 1.0 Gentoo Linux S.u.S.E. Linux Personal 9.0 S.u.S.E. Linux Personal 9.0 x86_64 S.u.S.E. Linux Personal 9.1 S.u.S.E. Linux Personal 9.1 x86_64 S.u.S.E. Linux Personal 9.2 S.u.S.E. Linux Personal 9.2 x86_64 Slackware Linux current Slackware Linux 9.1 Slackware Linux 10.0 Slackware Linux 10.1 Mozilla Firefox 0.10.1 Mozilla Firefox 0.10 Mozilla Firefox 0.9.3 Mozilla Firefox 0.9.2 Mozilla Firefox 0.9.1 Mozilla Firefox 0.9 rc Mozilla Firefox 0.9 Mozilla Firefox 0.8 Mozilla Browser 1.7.6 HP HPUX B.11.00 HP HPUX B.11.11 HP HPUX B.11.11 HP HPUX B.11.22 HP HPUX B.11.23 RedHat Desktop 4.0 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux WS 4 Turbolinux Home Turbolinux Turbolinux 10 F... Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux Server 10.0 Mozilla Browser 1.7.5 HP Tru64 5.1 A PK6 HP Tru64 5.1 A PK6 (BL24) HP Tru64 5.1 B PK4 HP Tru64 5.1 B2 PK4 HP Tru64 5.1 B2 PK4 (BL25) Mozilla Browser 1.7.4 Mozilla Browser 1.7.3 HP HPUX B.11.00 HP HPUX B.11.11 HP HPUX B.11.11 HP HPUX B.11.22 HP HPUX B.11.23 HP Tru64 5.1 A PK6 HP Tru64 5.1 A PK6 (BL24) HP Tru64 5.1 B PK4 HP Tru64 5.1 B2 PK4 HP Tru64 5.1 B2 PK4 (BL25) Mozilla Browser 1.7.2 Mozilla Browser 1.7.1 Mozilla Browser 1.7 rc3 Mozilla Browser 1.7 rc2 Mozilla Browser 1.7 rc1 Mozilla Browser 1.7 beta Mozilla Browser 1.7 alpha Mozilla Browser 1.7 MandrakeSoft Linux Mandrake 10.2 x86_64 MandrakeSoft Linux Mandrake 10.2 MandrakeSoft Linux Mandrake 10.1 x86_64 MandrakeSoft Linux Mandrake 10.1 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 HP HPUX B.11.23 HP HPUX B.11.22 HP HPUX B.11.11 HP HPUX B.11.00 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia64 Debian Linux 3.1 ia32 Debian Linux 3.1 hppa Debian Linux 3.1 arm Debian Linux 3.1 amd64 Debian Linux 3.1 alpha Debian Linux 3.1
Not Vulnerable	Netscape Netscape 8.0 Mozilla Thunderbird 1.0.5 Mozilla Firefox 1.0.3 Gentoo Linux Mozilla Browser 1.7.7 RedHat Desktop 4.0 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux WS 4 Turbolinux Home Turbolinux Turbolinux 10 F... Turbolinux Turbolinux Desktop 10.0 Turbolinux Turbolinux Server 10.0
Code	Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: content@securitydot.net <mailto:content@securitydot.net>.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
2009-12-17 HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability
2009-12-17 IBM WebSphere Application Server Feature Pack for CEA Spoofing Vulnerability
2009-12-17 Digital Scribe Cross Site Scripting and SQL Injection Vulnerabilities
2009-12-17 WP-Forum WordPress Plugin Multiple SQL Injection Vulnerabilities
2009-12-17 Quick Heal AntiVirus Insecure Program File Permissions Local Privilege Escalation Vulnerability