SecurityTracker.com
Category:  Application (Web Browser)  >  Netscape
Vendors:  America Online, Inc.
Netscape Browser Javascript Regex Parsing Error Discloses Memory to Remote Users
SecurityTracker Alert ID:  1013643
SecurityTracker URL:  http://securitytracker.com/id?1013643
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Apr 5 2005
Impact:  Disclosure of system information, Disclosure of user information
Exploit Included:  Yes  
Version(s): 7.2 and prior versions
Description:  Juha-Matti Laurio reported that the Netscape Browser is affected by the recent Mozilla vulnerability in Javascript regex parsing. A remote user can obtain portions of browser memory.

The browser's JavaScript implementation does not properly parse lambda list regular expressions.

The vulnerability resides in 'js/src/jsstr.c' in the find_replen() function.

A demonstration exploit is available at:

http://cubic.xfo.org.ru/firefox-bug/index.html

The vendor was notified on April 4, 2005.

Impact:  A remote user can access random portions of browser memory.
Solution:  No solution was available at the time of this entry.

As a temporary workaround, you can disable Javascript.

Vendor URL:  channels.netscape.com/ns/browsers/default.jsp
Cause:  Access control error, State error
Underlying OS:  Windows (Any)
Reported By:  Juha-Matti Laurio <juha-matti.laurio@netti.fi>
Message History:   None.


 Source Message Contents

Date:  Tue, 5 Apr 2005 05:18:21 +0300 (EEST)
From:  Juha-Matti Laurio <juha-matti.laurio@netti.fi>
Subject:  Netscape Browser Javascript Regex Parsing Error Vulnerability

 
 
Netscape 7 web browser is confirmed and tested to be vulnerable to the issue 
handled in SecurityTracker Alert ID 1013636.
 
Fix Available: No
Vendor Informed: Yes
 
Affected Version(s): 7.2 and prior
 
Underlying OS: Windows (Any)
 
Impact: See ID 1013636.
 
No solution was available at the time of this entry.
 
Workaround:
Disable JavaScript:
Edit / Preferences... / Advanced / Scripts & Plugins: remove selection 
from 'Navigator' at 'Enable JavaScript for' section.
When JavaScript was disabled, Netscape 7.2 was not affected any more.
 
Vendor URL: http://www.netscape.com/ ,
http://channels.netscape.com/ns/browsers/download.jsp
 
Vendor was contacted on 4th April 2005 with the Security Bug Report Form. It 
is not possible to get a reply by this form: "(x) Check this checkbox to 
indicate that you understand this is not a place to get support, and 
that you will not receive a reply to the information you entered above. 
You may not submit a bug report unless you check this box.".
 
Issue was tested with the following user agent (Windows XP Professional US):
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.2) Gecko/20040804 
Netscape/7.2 (ax)
 
 
Best regards,
Juha-Matti Laurio
Finland
http://www.networksecurity.fi/
 


Copyright 2005, SecurityGlobal.net LLC