CVE - CVE-2005-4134

CVE-ID
CVE-2005-4134	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:15773 URL:http://www.securityfocus.com/bid/15773 BID:16476 URL:http://www.securityfocus.com/bid/16476 CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm CONFIRM:http://www.mozilla.org/security/announce/mfsa2006-03.html DEBIAN:DSA-1044 URL:http://www.debian.org/security/2006/dsa-1044 DEBIAN:DSA-1046 URL:http://www.debian.org/security/2006/dsa-1046 DEBIAN:DSA-1051 URL:http://www.debian.org/security/2006/dsa-1051 FEDORA:FEDORA-2006-075 URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html FEDORA:FEDORA-2006-076 URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html FEDORA:FLSA-2006:180036-2 URL:http://www.securityfocus.com/archive/1/425978/100/0/threaded FEDORA:FLSA:180036-1 URL:http://www.securityfocus.com/archive/1/425975/100/0/threaded FULLDISC:20051208 Re: re: Firefox 1.5 buffer overflow (poc) URL:http://marc.info/?l=full-disclosure&m=113405896025702&w=2 FULLDISC:20051208 re: Firefox 1.5 buffer overflow (poc) URL:http://marc.info/?l=full-disclosure&m=113404911919629&w=2 GENTOO:GLSA-200604-12 URL:http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml GENTOO:GLSA-200604-18 URL:http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml HP:HPSBUX02122 URL:http://www.securityfocus.com/archive/1/438730/100/0/threaded HP:SSRT061158 URL:http://www.securityfocus.com/archive/1/438730/100/0/threaded MANDRIVA:MDKSA-2006:036 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:036~~ (Obsolete source) MANDRIVA:MDKSA-2006:037 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:037~~ (Obsolete source) MISC:http://www.mozilla.org/security/history-title.html MISC:http://www.networksecurity.fi/advisories/netscape-history.html OSVDB:21533 URL:~~http://www.osvdb.org/21533~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:11382 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382 OVAL:oval:org.mitre.oval:def:1619 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619 REDHAT:RHSA-2006:0199 URL:http://www.redhat.com/support/errata/RHSA-2006-0199.html REDHAT:RHSA-2006:0200 URL:http://www.redhat.com/support/errata/RHSA-2006-0200.html SCO:SCOSA-2006.26 URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt SECTRACK:1015328 URL:http://securitytracker.com/id?1015328 SECUNIA:17934 URL:http://secunia.com/advisories/17934 SECUNIA:17944 URL:http://secunia.com/advisories/17944 SECUNIA:17946 URL:http://secunia.com/advisories/17946 SECUNIA:18700 URL:http://secunia.com/advisories/18700 SECUNIA:18704 URL:http://secunia.com/advisories/18704 SECUNIA:18705 URL:http://secunia.com/advisories/18705 SECUNIA:18706 URL:http://secunia.com/advisories/18706 SECUNIA:18708 URL:http://secunia.com/advisories/18708 SECUNIA:18709 URL:http://secunia.com/advisories/18709 SECUNIA:19230 URL:http://secunia.com/advisories/19230 SECUNIA:19746 URL:http://secunia.com/advisories/19746 SECUNIA:19759 URL:http://secunia.com/advisories/19759 SECUNIA:19852 URL:http://secunia.com/advisories/19852 SECUNIA:19862 URL:http://secunia.com/advisories/19862 SECUNIA:19863 URL:http://secunia.com/advisories/19863 SECUNIA:19902 URL:http://secunia.com/advisories/19902 SECUNIA:19941 URL:http://secunia.com/advisories/19941 SECUNIA:21033 URL:http://secunia.com/advisories/21033 SECUNIA:21622 URL:http://secunia.com/advisories/21622 SGI:20060201-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U SUNALERT:102550 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1~~ (Obsolete source) SUNALERT:228526 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1~~ (Obsolete source) UBUNTU:USN-271-1 URL:https://usn.ubuntu.com/271-1/ UBUNTU:USN-275-1 URL:https://usn.ubuntu.com/275-1/ VUPEN:ADV-2005-2805 URL:~~http://www.vupen.com/english/advisories/2005/2805~~ (Obsolete source) VUPEN:ADV-2006-0413 URL:~~http://www.vupen.com/english/advisories/2006/0413~~ (Obsolete source) VUPEN:ADV-2006-3391 URL:~~http://www.vupen.com/english/advisories/2006/3391~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20051209	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20051209)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)