Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox和Mozilla浏览器字符串处理堆破坏漏洞
Vulnerability Description
Mozilla是一款开放源码的Web浏览器。 Mozilla 1.7.3和Firefox 1.0中的实现中存在漏洞,远程利用漏洞可能允许攻击者导致堆破坏,造成执行任意代码。 漏洞存在于依赖mozilla/xpcom/string/src/nsTSubstring.cpp文件中函数的字符串处理函数(如nsCSubstring::Append)中。某些函数(如nsTSubstring_CharT::Replace())不能检查重新划定字符串大小函数的返回值。 xpcom/string/src/nsTSubst
CVSS Information
N/A
Vulnerability Type
N/A