Mozilla < 1.7.5 Network News Transport Protocol Remote Heap Overflow

High Log Correlation Engine Plugin ID 801363


The remote host is vulnerable to a heap overflow.


The remote host is using Mozilla.
The remote version of this software is vulnerable to a heap overflow against its NNTP functionality. This may allow an attacker to execute arbitrary code on the remote host. To exploit this flaw, an attacker would need to set up a rogue website and lure a victim on the remote host into visiting it.


Upgrade to Mozilla 1.7.5 or higher.

See Also

Plugin Details

Severity: High

ID: 801363

Family: Web Clients

Nessus ID: 16085

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 6.9

Temporal Score: 5.7

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Reference Information

CVE: CVE-2004-1316, CVE-2005-0141, CVE-2005-0143, CVE-2005-0144, CVE-2005-0145, CVE-2005-0146, CVE-2005-0147, CVE-2005-0148, CVE-2005-0149, CVE-2005-0150

BID: 12407, 12131