| Vulnerability Name: | CVE-2005-2871 (CCN-22207) | ||||||||||||||||||||||||||||||||||||||||||||
| Assigned: | 2005-09-09 | ||||||||||||||||||||||||||||||||||||||||||||
| Published: | 2005-09-09 | ||||||||||||||||||||||||||||||||||||||||||||
| Updated: | 2018-05-03 | ||||||||||||||||||||||||||||||||||||||||||||
| Summary: | Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec. | ||||||||||||||||||||||||||||||||||||||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||||||||||||||||||||||||||||||||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||||||||||||||||||||||||||||||||||
| Vulnerability Consequences: | Gain Access | ||||||||||||||||||||||||||||||||||||||||||||
| References: | Source: CCN Type: Full-Disclosure Mailing List: Fri Sep 09 2005 - 01:09:51 CDT Mozilla Firefox "Host:" Buffer Overflow Source: FULLDISC Type: UNKNOWN 20050911 FireFox "Host:" Buffer Overflow is not just exploitable on FireFox Source: CCN Type: Netscape Web site The All New Netscape Browser 8.0 Source: MITRE Type: CNA CVE-2005-2871 Source: FULLDISC Type: UNKNOWN 20050909 Mozilla Firefox "Host:" Buffer Overflow Source: CCN Type: RHSA-2005-768 firefox security update Source: CCN Type: RHSA-2005-769 mozilla security update Source: CCN Type: RHSA-2005-791 thunderbird security update Source: CCN Type: SA16764 Firefox IDN URL Domain Name Buffer Overflow Source: SECUNIA Type: UNKNOWN 16764 Source: CCN Type: SA16766 Netscape IDN URL Domain Name Buffer Overflow Source: SECUNIA Type: UNKNOWN 16766 Source: CCN Type: SA16767 Mozilla IDN URL Domain Name Buffer Overflow Source: SECUNIA Type: UNKNOWN 16767 Source: SECUNIA Type: UNKNOWN 17042 Source: SECUNIA Type: UNKNOWN 17090 Source: SECUNIA Type: UNKNOWN 17263 Source: SECUNIA Type: UNKNOWN 17284 Source: SREASON Type: UNKNOWN 83 Source: CCN Type: SECTRACK ID: 1014877 Mozilla Firefox Buffer Overflow in Processing Hostnames May Let Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1014877 Source: CCN Type: CIAC INFORMATION BULLETIN P-303 Firefox and Mozilla Buffer Overflow Vulnerability Source: CIAC Type: UNKNOWN P-303 Source: DEBIAN Type: UNKNOWN DSA-837 Source: DEBIAN Type: UNKNOWN DSA-866 Source: DEBIAN Type: UNKNOWN DSA-868 Source: DEBIAN Type: DSA-837 mozilla-firefox -- buffer overflow Source: DEBIAN Type: DSA-866 mozilla -- several vulnerabilities Source: DEBIAN Type: DSA-868 mozilla-thunderbird -- several vulnerabilities Source: CCN Type: GLSA-200509-11 Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities Source: GENTOO Type: UNKNOWN GLSA-200509-11 Source: CCN Type: US-CERT VU#573857 Mozilla-based browsers contain a buffer overflow in handling URIs containing a malformed IDN hostname Source: CERT-VN Type: US Government Resource VU#573857 Source: MANDRIVA Type: UNKNOWN MDKSA-2005:174 Source: CCN Type: Mozilla Firefox Download Web page Firefox - Rediscover the web Source: CCN Type: Mozilla Suite Web page Mozilla Suite- The All-in-One Internet Application Suite Source: CCN Type: MFSA 2005-57 IDN heap overrun using soft-hyphens Source: CONFIRM Type: UNKNOWN http://www.mozilla.org/security/announce/mfsa2005-57.html Source: OSVDB Type: UNKNOWN 19255 Source: CCN Type: OSVDB ID: 19255 Mozilla Multiple Browser International Domain Name (IDN) URL Domain Name Overflow Source: FEDORA Type: UNKNOWN FLSA-2006:168375 Source: REDHAT Type: UNKNOWN RHSA-2005:768 Source: REDHAT Type: UNKNOWN RHSA-2005:769 Source: REDHAT Type: UNKNOWN RHSA-2005:791 Source: MISC Type: UNKNOWN http://www.securiteam.com/securitynews/5RP0B0UGVW.html Source: MISC Type: Exploit, Vendor Advisory http://www.security-protocols.com/advisory/sp-x17-advisory.txt Source: MISC Type: Exploit http://www.security-protocols.com/firefox-death.html Source: BID Type: UNKNOWN 14784 Source: CCN Type: BID-14784 Mozilla/Netscape/Firefox Browsers Domain Name Remote Buffer Overflow Vulnerability Source: CCN Type: USN-181-1 Mozilla products vulnerability Source: UBUNTU Type: UNKNOWN USN-181-1 Source: VUPEN Type: UNKNOWN ADV-2005-1690 Source: VUPEN Type: UNKNOWN ADV-2005-1691 Source: VUPEN Type: UNKNOWN ADV-2005-1824 Source: CONFIRM Type: UNKNOWN https://bugzilla.mozilla.org/show_bug.cgi?id=307259 Source: XF Type: UNKNOWN mozilla-url-bo(22207) Source: XF Type: UNKNOWN mozilla-url-bo(22207) Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:1287 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:584 Source: OVAL Type: UNKNOWN oval:org.mitre.oval:def:9608 | ||||||||||||||||||||||||||||||||||||||||||||
| Vulnerable Configuration: | Configuration 1: Configuration RedHat 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||||||||||
| Oval Definitions | |||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||
| BACK | |||||||||||||||||||||||||||||||||||||||||||||