diff options
author | Micah Anderson <micah@debian.org> | 2005-09-25 01:28:53 +0000 |
---|---|---|
committer | Micah Anderson <micah@debian.org> | 2005-09-25 01:28:53 +0000 |
commit | 80e803e6d22fc15576411958af9ec1782efaecf8 (patch) | |
tree | 25e0b4901d354bd59096630cd8b14341659465fa /data/DTSA/advs | |
parent | ed8da113b8724467106e23402a3d2e6dee08cd33 (diff) |
Preparing DTSA-18 for thunderbird
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2173 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA/advs')
-rw-r--r-- | data/DTSA/advs/18-thunderbird.adv | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/data/DTSA/advs/18-thunderbird.adv b/data/DTSA/advs/18-thunderbird.adv new file mode 100644 index 0000000000..bda6f97720 --- /dev/null +++ b/data/DTSA/advs/18-thunderbird.adv @@ -0,0 +1,23 @@ +source: xxx +date: Bloptember 99th, 1990 +author: xxx +vuln-type: multiple +problem-scope: remote/local +debian-specifc: yes/no +cve: CAN-2005-0989, CAN-2005-1159 +vendor-advisory: +testing-fix: xxx +sid-fix: xxx +upgrade: apt-get install xxx + +xxx multiline description here + +CAN-2005-0989 + The find_replen function in the Javascript engine allows remote + attackers to read portions of heap memory in a Javascript string via + the lambda replace method. + +CAN-2005-1159 + Native function implementations are not verified, causing Javascript + execution at improper memory addresses allowing denial of service and + potentially arbitrary code execution |