OVAL Repository - View Definition: oval:org.mitre.oval:def:584

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:584		Version: 3 Last Modified: 2007-04-23
Title:	Mozilla IDN heap overrun using soft-hyphens
Description:	Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
Family:	windows	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2005-2871
Platform(s):	Microsoft Windows NT Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003	Product(s):	mozilla
Definition Synopsis:
Mozilla Suite version 1.7.10 or earlier is installed Mozilla Suite version 1.7.10 or earlier is installed AND Mozilla Suite version 1.7.10 or earlier is installed OR Mozilla Firefox version 1.0.6 or earlier is installed Firefox version 1.0.6 or earlier is installed AND Mozilla Firefox version 1.0.6 or earlier is installed

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest