Mozilla nsNNTPProtocol.cpp NNTP news:// URI Handling Overflow DoS

This script is Copyright (C) 2005-2017 Tenable Network Security, Inc.

Synopsis :

A web browser on the remote host is prone to a heap overflow attack.

Description :

The remote version of Mozilla is vulnerable to a heap overflow attack
against its NNTP functionality.

This may allow an attacker to execute arbitrary code on the remote

To exploit this flaw, an attacker would need to set up a rogue news
site and lure a victim on the remote host into reading news from it.

See also :

Solution :

Upgrade to Mozilla 1.7.5 or newer.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 16085 ()

Bugtraq ID: 12131

CVE ID: CVE-2004-1316

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now