CVE-2005-0255

String handling functions in Mozilla 1.7.3, Firefox 1.0, and Thunderbird before 1.0.2, such as the nsTSubstring_CharT::Replace function, do not properly check the return values of other functions that resize the string, which allows remote attackers to cause a denial of service and possibly execute arbitrary code by forcing an out-of-memory state that causes a reallocation to fail and return a pointer to a fixed address, which leads to heap corruption.

Published: May 2, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-0255
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
mozilla / thunderbird	0.6	0.6.x
mozilla / thunderbird	0.3	0.3.x
mozilla / thunderbird	0.2	0.2.x
mozilla / thunderbird	1.0	1.0.x
mozilla / firefox	1.0	1.0.x
mozilla / thunderbird	0.5	0.5.x
mozilla / thunderbird	0.9	0.9.x
mozilla / thunderbird	0.4	0.4.x
mozilla / thunderbird	0.7	0.7.x
mozilla / thunderbird	0.1	0.1.x
mozilla / thunderbird	0.8	0.8.x
mozilla / mozilla	1.7.3	1.7.3.x

Vulnerability Database

289,697

CVE-2005-0255