CVE-2005-4134

MEDIUM

Description

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.

ID	Name	Product	Family	Severity
29744	Firefox < 1.0.8 Multiple Vulnerabilities	Nessus	Windows	high
24403	Solaris 9 (sparc) : 120671-08	Nessus	Solaris Local Security Checks	critical
24395	Solaris 8 (sparc) : 120671-08	Nessus	Solaris Local Security Checks	critical
23773	Solaris 9 (x86) : 120672-08	Nessus	Solaris Local Security Checks	critical
23772	Solaris 8 (x86) : 120672-08	Nessus	Solaris Local Security Checks	critical
22987	Solaris 10 (x86) : 119116-35 (deprecated)	Nessus	Solaris Local Security Checks	critical
22954	Solaris 10 (sparc) : 119115-36 (deprecated)	Nessus	Solaris Local Security Checks	critical
22593	Debian DSA-1051-1 : mozilla-thunderbird - several vulnerabilities	Nessus	Debian Local Security Checks	critical
22588	Debian DSA-1046-1 : mozilla - several vulnerabilities	Nessus	Debian Local Security Checks	critical
22586	Debian DSA-1044-1 : mozilla-firefox - several vulnerabilities	Nessus	Debian Local Security Checks	critical
21983	CentOS 4 : firefox (CESA-2006:0200)	Nessus	CentOS Local Security Checks	high
21891	CentOS 3 / 4 : mozilla (CESA-2006:0199)	Nessus	CentOS Local Security Checks	high
21315	GLSA-200604-18 : Mozilla Suite: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
21301	Ubuntu 4.10 / 5.04 / 5.10 : mozilla vulnerabilities (USN-275-1)	Nessus	Ubuntu Local Security Checks	critical
21277	GLSA-200604-12 : Mozilla Firefox: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
21270	Ubuntu 4.10 / 5.04 / 5.10 : mozilla-firefox, firefox vulnerabilities (USN-271-1)	Nessus	Ubuntu Local Security Checks	critical
20877	Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2006:037)	Nessus	Mandriva Local Security Checks	high
20863	SeaMonkey < 1.0 Multiple Vulnerabilities	Nessus	Windows	high
20858	RHEL 4 : firefox (RHSA-2006:0200)	Nessus	Red Hat Local Security Checks	high
20857	RHEL 2.1 / 3 / 4 : mozilla (RHSA-2006:0199)	Nessus	Red Hat Local Security Checks	high
20848	Fedora Core 4 : firefox-1.0.7-1.2.fc4 (2006-076)	Nessus	Fedora Local Security Checks	high
20847	Fedora Core 4 : mozilla-1.7.12-1.5.2 (2006-075)	Nessus	Fedora Local Security Checks	high
20842	Firefox < 1.5.0.1 Multiple Vulnerabilities	Nessus	Windows	high
3405	Mozilla Firefox < 1.5.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3258	Mozilla Thunderbird < 1.5 Multiple Vulnerabilities (deprecated)	Nessus Network Monitor	SMTP Clients	medium
3516	SeaMonkey < 1.0.1 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3514	Mozilla Firefox < 1.7.13 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
3513	Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities (deprecated)	Nessus Network Monitor	SMTP Clients	medium
3512	Mozilla Firefox < 1.0.8 / 1.5.x < 1.5.0.2 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	medium
801357	Mozilla Thunderbird < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
801290	Mozilla Thunderbird < 1.5 Multiple Vulnerabilities	Log Correlation Engine	SMTP Clients	high
801243	Mozilla Firefox < 1.5.0.1 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801226	Mozilla Browser < 1.7.13 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high
801220	Mozilla Firefox < 1.5.0.2 or 1.0.8 Multiple Vulnerabilities	Log Correlation Engine	Web Clients	high

CVE-2005-4134

Description

References

Details

Risk Information

CVSS v2.0