| Definition Id: oval:org.mitre.oval:def:1287 |
Version: 1
Last Modified: 2005-11-30
|
| Title: |
Mozilla IDN heap overrun using soft-hyphens |
| Description: |
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. |
| Family: |
unix |
Class: |
vulnerability |
| Status: |
ACCEPTED |
Reference(s): |
CVE-2005-2871
|
| Platform(s): |
HP-UX 11 |
Product(s): |
mozilla |
| Definition Synopsis: |
- 700 Series or 800 Series OS Release 11.00, 11.11, 11.22, or 11.23
- 700 Series or 800 Series OS Release 11.00
- 700 Series OS Release 11.00
- OR 800 Series OS Release 11.00
- OR 700 Series or 800 Series OS Release 11.11
- 700 Series OS Release 11.11
- OR 800 Series OS Release 11.11
- OR 700 Series or 800 Series OS Release 11.22
- 700 Series OS Release 11.22
- OR 800 Series OS Release 11.22
- OR 700 Series or 800 Series OS Release 11.23
- 700 Series OS Release 11.23
- OR 800 Series OS Release 11.23
- AND Mozilla is installed
- AND NOT Mozilla v1.7.12 (1.7.12.0.00) or later is installed
|
