JavaScript garbage-collection hazards — Mozilla

2006-02-0100:00:00

Mozilla Foundation

www.mozilla.org

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.955

Percentile

99.4%

JSON

Garbage collection hazards have been found in the JavaScript engine where some routines used temporary variables that were not properly protected (rooted). Specially crafted objects could contain a user-defined method that would be called during the lifetime of these temporaries. If this method triggered garbage collection the engine would operate on the unexpectedly freed temporary object when it returned from the user-defined routine.

Affected configurations

Vulners

Node

mozillafirefoxRange<1.0.8

mozillafirefoxRange<1.5.0.1

mozillamozilla_suiteRange<1.7.13

mozillaseamonkeyRange<1

mozillathunderbirdRange<1.0.8

mozillathunderbirdRange<1.5.0.2

VendorProductVersionCPE
mozillafirefox*cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
mozillamozilla_suite*cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*
mozillaseamonkey*cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
mozillathunderbird*cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	firefox	*	cpe:2.3:a:mozilla:firefox::::::::
mozilla	mozilla_suite	*	cpe:2.3:a:mozilla:mozilla_suite::::::::
mozilla	seamonkey	*	cpe:2.3:a:mozilla:seamonkey::::::::
mozilla	thunderbird	*	cpe:2.3:a:mozilla:thunderbird::::::::