OVAL Reference oval:org.mitre.oval:def:1287

Oval Definition:

oval:org.mitre.oval:def:1287

Revision Date:	2006-02-01	Version:	17
Title:	Mozilla IDN heap overrun using soft-hyphens
Description:	Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2005-2871
Platform(s):	HP-UX 11	Product(s):	mozilla
Definition Synopsis
700 Series or 800 Series OS Release 11.00, 11.11, 11.22, or 11.23 700 Series or 800 Series OS Release 11.00 700 Series OS Release 11.00 700-series HP AND HP Release B.11.00 OR 800 Series OS Release 11.00 800-series HP AND HP Release B.11.00 OR 700 Series or 800 Series OS Release 11.11 700 Series OS Release 11.11 700-series HP AND HP Release B.11.11 OR 800 Series OS Release 11.11 800-series HP AND HP Release B.11.11 OR 700 Series or 800 Series OS Release 11.22 700 Series OS Release 11.22 700-series HP AND HP Release B.11.22 OR 800 Series OS Release 11.22 800-series HP AND HP Release B.11.22 OR 700 Series or 800 Series OS Release 11.23 700 Series OS Release 11.23 700-series HP AND HP Release B.11.23 OR 800 Series OS Release 11.23 800-series HP AND HP Release B.11.23 AND Mozilla is installed AND NOT Mozilla v1.7.12 (1.7.12.0.00) or later is installed

BACK