Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-837-1
HistoryOct 02, 2005 - 12:00 a.m.

mozilla-firefox - buffer overflow

2005-10-0200:00:00
Google
osv.dev
7

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Tom Ferris discovered a bug in the IDN hostname handling of Mozilla
Firefox, which is also present in the other browsers from the same
family that allows remote attackers to cause a denial of service and
possibly execute arbitrary code via a hostname with dashes.

For the stable distribution (sarge) this problem has been fixed in
version 1.0.4-2sarge4.

For the unstable distribution (sid) this problem has been fixed in
version 1.0.6-5.

We recommend that you upgrade your mozilla-firefox package.

Related

redhat 3
nessus 23
packetstorm 1
openvas 13
checkpoint_advisories 2
ubuntu 1
centos 4
debian 6
cve 1
cert 1
ubuntucve 1
freebsd 1
gentoo 1
osv 2
redhat
redhat
(RHSA-2005:768) firefox security update
2005-09-09 00:00:00
(RHSA-2005:769) mozilla security update
2005-09-09 00:00:00
(RHSA-2005:791) thunderbird security update
2005-10-06 00:00:00
nessus
nessus
RHEL 2.1 / 3 / 4 : mozilla (RHSA-2005:769)
2005-09-12 00:00:00
FreeBSD : firefox & mozilla -- buffer overflow vulnerability (8665ebb9-2237-11da-978e-0001020eed82)
2006-05-13 00:00:00
Mozilla Thunderbird < 1.0.7 IDN URL Domain Name Overflow
2005-09-14 00:00:00
packetstorm
packetstorm
pwnzilla.txt
2005-09-23 00:00:00
openvas
openvas
FreeBSD Ports: firefox
2008-09-04 00:00:00
Debian: Security Advisory (DSA-837-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200509-11 (mozilla)
2008-09-24 00:00:00
checkpoint_advisories
checkpoint_advisories
Firefox Domain Name Handling Buffer Overflow (CVE-2005-2871)
2009-10-13 00:00:00
Firefox Hyphenated URL Buffer Overflow - Ver2 (CVE-2005-2871)
2014-03-03 00:00:00
ubuntu
ubuntu
Mozilla products vulnerability
2005-09-12 00:00:00
centos
centos
mozilla security update
2005-09-11 23:22:26
mozilla security update
2005-09-10 08:21:32
firefox security update
2005-09-10 09:39:57
debian
debian
[SECURITY] [DSA 837-1] New Mozilla Firefox packages fix denial of service
2005-10-02 06:07:56
[SECURITY] [DSA 837-1] New Mozilla Firefox packages fix denial of service
2005-10-02 06:07:56
[SECURITY] [DSA 866-1] New Mozilla packages fix several vulnerabilities
2005-10-20 05:44:19
cve
cve
CVE-2005-2871
2005-09-09 18:03:00
cert
cert
Mozilla-based browsers contain a buffer overflow in handling URIs containing a malformed IDN hostname
2005-09-09 00:00:00
ubuntucve
ubuntucve
CVE-2005-2871
2005-09-09 00:00:00
freebsd
freebsd
firefox & mozilla -- buffer overflow vulnerability
2005-09-08 00:00:00
gentoo
gentoo
Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities
2005-09-18 00:00:00
osv
osv
mozilla-thunderbird - several
2005-10-20 00:00:00
mozilla - several
2005-10-20 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON
Related for OSV:DSA-837-1
redhat3nessus23packetstorm1openvas13checkpoint_advisories2ubuntu1centos4debian6cve1cert1ubuntucve1freebsd1gentoo1osv2