Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4134

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-4134
Last Modified 07 Mar 2011 09:27:42
Published 09 Dec 2005 10:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-4134

Summary

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.

Vulnerable Systems

Application

  • K-meleon Project K-meleon 0.7

  • K-meleon Project K-meleon 0.7 Service Pack 1

  • K-meleon Project K-meleon 0.8

  • K-meleon Project K-meleon 0.8.1

  • K-meleon Project K-meleon 0.8.2

  • K-meleon Project K-meleon 0.9

  • Mozilla Firefox 1.5

  • Mozilla Suite 1.7.12

  • Netscape Navigator 7.1

  • Netscape Navigator 7.2

  • Netscape Navigator 8.0.40


References

VUPEN - ADV-2006-3391

VUPEN - ADV-2006-0413

VUPEN - ADV-2005-2805

UBUNTU - USN-275-1

UBUNTU - USN-271-1

BID - 16476

BID - 15773

HP - SSRT061158

FEDORA - FLSA-2006:180036-2

FEDORA - FLSA:180036-1

REDHAT - RHSA-2006:0200

REDHAT - RHSA-2006:0199

FEDORA - FEDORA-2006-076

FEDORA - FEDORA-2006-075

OSVDB - 21533

MISC - http://www.networksecurity.fi/advisories/netscape-history.html

MISC - http://www.mozilla.org/security/history-title.html

CONFIRM - http://www.mozilla.org/security/announce/mfsa2006-03.html

GENTOO - GLSA-200604-18

GENTOO - GLSA-200604-12

DEBIAN - DSA-1051

DEBIAN - DSA-1046

DEBIAN - DSA-1044

SUNALERT - 228526

SECTRACK - 1015328

SECUNIA - 19941

SECUNIA - 19902

SECUNIA - 19863

SECUNIA - 19862

SECUNIA - 19852

SECUNIA - 19759

SECUNIA - 19746

SECUNIA - 19230

SECUNIA - 18709

SECUNIA - 18708

SECUNIA - 18706

SECUNIA - 18705

SECUNIA - 18704

SECUNIA - 18700

SECUNIA - 17946

SECUNIA - 17944

SECUNIA - 17934

FULLDISC - 20051208 Re: re: Firefox 1.5 buffer overflow (poc)

FULLDISC - 20051208 re: Firefox 1.5 buffer overflow (poc)

SGI - 20060201-01-U

MANDRIVA - MDKSA-2006:037

MANDRIVA - MDKSA-2006:036

CONFIRM - http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm

SUNALERT - 102550

SECUNIA - 21622

SECUNIA - 21033

SCO - SCOSA-2006.26

HP - HPSBUX02122


Last Updated: 27 May 2016 10:44:52