Oval Definition:oval:org.mitre.oval:def:9808
Revision Date:2013-04-29Version:11
Title:Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.
Description:Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-1316
Platform(s):CentOS Linux 3
Red Hat Enterprise Linux 3
Product(s):
Definition Synopsis
  • RHEL3 or CentOS3
  • The operating system installed on the system is Red Hat Enterprise Linux 3
  • OR CentOS Linux 3.x
  • AND Configuration section
  • mozilla-js-debugger is earlier than 37:1.4.3-3.0.7
  • OR mozilla is earlier than 37:1.4.3-3.0.7
  • OR mozilla-chat is earlier than 37:1.4.3-3.0.7
  • OR mozilla-mail is earlier than 37:1.4.3-3.0.7
  • OR mozilla-dom-inspector is earlier than 37:1.4.3-3.0.7
  • OR mozilla-devel is earlier than 37:1.4.3-3.0.7
  • OR mozilla-nss is earlier than 37:1.4.3-3.0.7
  • OR mozilla-nss-devel is earlier than 37:1.4.3-3.0.7
  • OR mozilla-nspr is earlier than 37:1.4.3-3.0.7
  • OR mozilla-nspr-devel is earlier than 37:1.4.3-3.0.7
    • BACK