CVE - CVE-2005-4134

CVE-ID
CVE-2005-4134	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
FULLDISC:20051208 Re: re: Firefox 1.5 buffer overflow (poc) URL:http://marc.info/?l=full-disclosure&m=113405896025702&w=2 FULLDISC:20051208 re: Firefox 1.5 buffer overflow (poc) URL:http://marc.info/?l=full-disclosure&m=113404911919629&w=2 MISC:http://www.mozilla.org/security/history-title.html MISC:http://www.networksecurity.fi/advisories/netscape-history.html CONFIRM:http://www.mozilla.org/security/announce/mfsa2006-03.html CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm DEBIAN:DSA-1044 URL:http://www.debian.org/security/2006/dsa-1044 DEBIAN:DSA-1046 URL:http://www.debian.org/security/2006/dsa-1046 DEBIAN:DSA-1051 URL:http://www.debian.org/security/2006/dsa-1051 FEDORA:FEDORA-2006-075 URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html FEDORA:FEDORA-2006-076 URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html FEDORA:FLSA-2006:180036-2 URL:http://www.securityfocus.com/archive/1/425978/100/0/threaded FEDORA:FLSA:180036-1 URL:http://www.securityfocus.com/archive/1/425975/100/0/threaded GENTOO:GLSA-200604-12 URL:http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml GENTOO:GLSA-200604-18 URL:http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml HP:HPSBUX02122 URL:http://www.securityfocus.com/archive/1/438730/100/0/threaded HP:SSRT061158 URL:http://www.securityfocus.com/archive/1/438730/100/0/threaded MANDRIVA:MDKSA-2006:036 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:036 MANDRIVA:MDKSA-2006:037 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:037 REDHAT:RHSA-2006:0199 URL:http://www.redhat.com/support/errata/RHSA-2006-0199.html REDHAT:RHSA-2006:0200 URL:http://www.redhat.com/support/errata/RHSA-2006-0200.html SCO:SCOSA-2006.26 URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt SGI:20060201-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U SUNALERT:102550 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1 SUNALERT:228526 URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1 UBUNTU:USN-275-1 URL:https://usn.ubuntu.com/275-1/ UBUNTU:USN-271-1 URL:https://usn.ubuntu.com/271-1/ BID:15773 URL:http://www.securityfocus.com/bid/15773 BID:16476 URL:http://www.securityfocus.com/bid/16476 OVAL:oval:org.mitre.oval:def:11382 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382 VUPEN:ADV-2005-2805 URL:http://www.vupen.com/english/advisories/2005/2805 VUPEN:ADV-2006-0413 URL:http://www.vupen.com/english/advisories/2006/0413 VUPEN:ADV-2006-3391 URL:http://www.vupen.com/english/advisories/2006/3391 OSVDB:21533 URL:http://www.osvdb.org/21533 OVAL:oval:org.mitre.oval:def:1619 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619 SECTRACK:1015328 URL:http://securitytracker.com/id?1015328 SECUNIA:17934 URL:http://secunia.com/advisories/17934 SECUNIA:17944 URL:http://secunia.com/advisories/17944 SECUNIA:17946 URL:http://secunia.com/advisories/17946 SECUNIA:18700 URL:http://secunia.com/advisories/18700 SECUNIA:18704 URL:http://secunia.com/advisories/18704 SECUNIA:18708 URL:http://secunia.com/advisories/18708 SECUNIA:18709 URL:http://secunia.com/advisories/18709 SECUNIA:18705 URL:http://secunia.com/advisories/18705 SECUNIA:18706 URL:http://secunia.com/advisories/18706 SECUNIA:19230 URL:http://secunia.com/advisories/19230 SECUNIA:19759 URL:http://secunia.com/advisories/19759 SECUNIA:19852 URL:http://secunia.com/advisories/19852 SECUNIA:19862 URL:http://secunia.com/advisories/19862 SECUNIA:19863 URL:http://secunia.com/advisories/19863 SECUNIA:19902 URL:http://secunia.com/advisories/19902 SECUNIA:19941 URL:http://secunia.com/advisories/19941 SECUNIA:19746 URL:http://secunia.com/advisories/19746 SECUNIA:21033 URL:http://secunia.com/advisories/21033 SECUNIA:21622 URL:http://secunia.com/advisories/21622
Assigning CNA
N/A
Date Entry Created
20051209	Disclaimer: The entry creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20051209)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org