Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2414

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2005-2414
Last Modified 05 Sep 2008 04:51:41
Published 03 Aug 2005 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-2414

Summary

Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering page and referenced objects to be deleted.

Vulnerable Systems

Application

  • Xpcom


References

XF - mozilla-xpcom-race-condition(21472)

MISC - http://www.gulftech.org/?node=research&article_id=00091-07212005

SECTRACK - 1014550

SECTRACK - 1014548

BUGTRAQ - 20050721 Mozilla XPCOM Library Race Condition


Last Updated: 27 May 2016 10:40:30