Vulners
Lucene search
Mozilla Products - 'Host:' Buffer Overflow (Denial of Service) (PoC) String
<!--
Mozilla Firefox <= 1.0.6 (Host:) Buffer Overflow DoS String
Formatted for your tesing /str0ke
Tom Ferris
www.security-protocols.com
Versions Affected:
Firefox Win32 1.0.6 and prior
Firefox Linux 1.0.6 and prior
Firefox 1.5 Beta 1 (Deer Park Alpha 2)
Technical Details:
The problem seems to be when a hostname which has all dashes causes the
NormalizeIDN call in nsStandardURL::BuildNormalizedSpec to return true,
but is sets encHost to an empty string. Meaning, Firefox appends 0 to
approxLen and then appends the long string of dashes to the buffer
instead. The following HTML code below will reproduce this issue:
String:
<A HREF=https:--------------------------------------------- >
-->
<A HREF=https: >
# milw0rm.com [2005-09-09]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
09 Sep 2005 00:00Current
7.4High risk
Vulners AI Score7.4