SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Paid content will be excluded from the download.

Download | Alert*

CVE

CVE-2005-4134

Date: (C)2005-12-09 (M)2024-03-27

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

SECTRACK-1015328

SUNALERT-102550

http://marc.info/?l=full-disclosure&m=113405896025702&w=2

http://marc.info/?l=full-disclosure&m=113404911919629&w=2

SUNALERT-228526

FEDORA-2006-075

FEDORA-2006-076

FLSA-2006:180036-2

http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

http://www.mozilla.org/security/announce/mfsa2006-03.html

http://www.mozilla.org/security/history-title.html

http://www.networksecurity.fi/advisories/netscape-history.html

oval:org.mitre.oval:def:11382

oval:org.mitre.oval:def:1619

cpe:/a:netscape:navigator:7.2
cpe:/a:netscape:navigator:7.1
cpe:/a:netscape:navigator:8.0.40
cpe:/a:mozilla:firefox:1.5
...

oval:org.mitre.oval:def:1619

© SecPod Technologies