Oval Definition:oval:org.mitre.oval:def:1619
Revision Date:2009-11-09Version:4
Title:Mozilla Firefox History File Buffer Overflow
Description:Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2005-4134
Platform(s):Microsoft Windows 2000
Microsoft Windows NT
Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):mozilla
Mozilla Firefox
Definition Synopsis
  • Mozilla Firefox pre-1.5 is installed
  • Mozilla Firefox pre-1.5
  • AND Firefox pre-1.5 is installed
  • OR Mozilla Firefox version 1.5 is installed and has NOT been patched with version 1.5.0.1
  • Mozilla Firefox version 1.5 is installed
  • AND Firefox version 1.5 or earlier is installed
  • AND NOT The version of Firefox.exe is greater than or equal to 1.8.20060.11112
  • OR Mozilla Suite version 1.7.12 or earlier is installed
  • Mozilla Suite version 1.7.12 or earlier is installed
  • AND Mozilla Suite version 1.7.12 or earlier is installed
  • OR A pre-release of SeaMonkey 1.0 is installed
  • A pre-release of SeaMonkey 1.0 is installed
  • AND A pre-release of SeaMonkey 1.0 is installed
    • BACK