CVE-2005-4134 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-4134
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-4134

Description: Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.

CVE Status: Candidate

References: UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-271-1 http://www.ubuntulinux.org/support/documentation/usn/usn-275-1 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 ST 1015328 SGI SCO SAID Secunia Advisory: SA19230 Secunia Advisory: SA18706 Secunia Advisory: SA18705 Secunia Advisory: SA18709 Secunia Advisory: SA18708 Secunia Advisory: SA17946 Secunia Advisory: SA18700 Secunia Advisory: SA18704 Secunia Advisory: SA17944 Secunia Advisory: SA17934 Secunia Advisory: SA19759 Secunia Advisory: SA19852 Secunia Advisory: SA19862 Secunia Advisory: SA19863 Secunia Advisory: SA19902 Secunia Advisory: SA19941 Secunia Advisory: SA19746 Secunia Advisory: SA21033 Secunia Advisory: SA21622 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0200.html http://www.redhat.com/support/errata/RHSA-2006-0199.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1619 OSVDB 21533 MISC http://www.mozilla.org/security/history-title.html http://www.networksecurity.fi/advisories/netscape-history.html MANDRIVA http://www.mandriva.com/security/advisories?name=MDKSA-2006:037 http://www.mandriva.com/security/advisories?name=MDKSA-2006:036 HP http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded GENTOO http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml FULLDISC http://marc.theaimsgroup.com/?l=full-disclosure&m=113404911919629&w=2 http://marc.theaimsgroup.com/?l=full-disclosure&m=113405896025702&w=2 FEDORA http://www.securityfocus.com/archive/1/archive/1/425975/100/0/threaded http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html http://www.securityfocus.com/archive/1/archive/1/425978/100/0/threaded http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html DEBIAN http://www.debian.org/security/2006/dsa-1051 http://www.debian.org/security/2006/dsa-1044 http://www.debian.org/security/2006/dsa-1046 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm http://www.mozilla.org/security/announce/mfsa2006-03.html BID 16476 15773

Return to the previous page.