Mozilla nsNNTPProtocol.cpp NNTP news:// URI Handling Overflow DoS
High Nessus Plugin ID 16085
SynopsisA web browser on the remote host is prone to a heap overflow attack.
DescriptionThe remote version of Mozilla is vulnerable to a heap overflow attack against its NNTP functionality.
This may allow an attacker to execute arbitrary code on the remote host.
To exploit this flaw, an attacker would need to set up a rogue news site and lure a victim on the remote host into reading news from it.
SolutionUpgrade to Mozilla 1.7.5 or newer.