Author: micah Date: 2005-09-25 01:28:53 +0000 (Sun, 25 Sep 2005) New Revision: 2173 Added: data/DTSA/advs/18-thunderbird.adv Log: Preparing DTSA-18 for thunderbird Added: data/DTSA/advs/18-thunderbird.adv ==================================================================--- data/DTSA/advs/18-thunderbird.adv 2005-09-25 01:26:27 UTC (rev 2172) +++ data/DTSA/advs/18-thunderbird.adv 2005-09-25 01:28:53 UTC (rev 2173) @@ -0,0 +1,23 @@ +source: xxx +date: Bloptember 99th, 1990 +author: xxx +vuln-type: multiple +problem-scope: remote/local +debian-specifc: yes/no +cve: CAN-2005-0989, CAN-2005-1159 +vendor-advisory: +testing-fix: xxx +sid-fix: xxx +upgrade: apt-get install xxx + +xxx multiline description here + +CAN-2005-0989 + The find_replen function in the Javascript engine allows remote + attackers to read portions of heap memory in a Javascript string via + the lambda replace method. + +CAN-2005-1159 + Native function implementations are not verified, causing Javascript + execution at improper memory addresses allowing denial of service and + potentially arbitrary code execution