IDN heap overrun using soft-hyphens — Mozilla

Tom Ferris reported a Firefox crash when processing a domain name consisting solely of soft-hyphen characters. This is due to a heap overrun triggered when Internationalized Domain Name IDN processing results in an empty string after removing non-mapping characters such as soft-hyphens. This...

CVE-2005-2871

Buffer overflow in the International Domain Name IDN support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a hostname with all "soft" hyphens character 0xAD, which is not...