[Forgot Password]
Login  Register Subscribe

24547

 
 

132803

 
 

128796

 
 

909

 
 

106110

 
 

152

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla IDN heap overrun using soft-hyphens

ID: oval:org.mitre.oval:def:584Date: (C)2005-11-11   (M)2018-11-17
Class: VULNERABILITYFamily: windows




Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.

Platform:
Microsoft Windows NT
Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product:
Mozilla
Reference:
CVE-2005-2871
CVE    1
CVE-2005-2871
CPE    11
cpe:/a:mozilla:firefox:1.0.6
cpe:/a:mozilla:firefox:1.0.4
cpe:/a:mozilla:firefox:::x86
cpe:/a:mozilla:firefox:1.0.5
...

© SecPod Technologies