Debian DSA-866-1 : mozilla - several vulnerabilities

high Nessus Plugin ID 20063


The remote Debian host is missing a security-related update.


Several security-related problems have been discovered in Mozilla and derived programs. The Common Vulnerabilities and Exposures project identifies the following problems :

- CAN-2005-2871 Tom Ferris discovered a bug in the IDN hostname handling of Mozilla that allows remote attackers to cause a denial of service and possibly execute arbitrary code via a hostname with dashes.

- CAN-2005-2701

A buffer overflow allows remote attackers to execute arbitrary code via an XBM image file that ends in a large number of spaces instead of the expected end tag.

- CAN-2005-2702

Mats Palmgren discovered a buffer overflow in the Unicode string parser that allows a specially crafted Unicode sequence to overflow a buffer and cause arbitrary code to be executed.

- CAN-2005-2703

Remote attackers could spoof HTTP headers of XML HTTP requests via XMLHttpRequest and possibly use the client to exploit vulnerabilities in servers or proxies.

- CAN-2005-2704

Remote attackers could spoof DOM objects via an XBL control that implements an internal XPCOM interface.

- CAN-2005-2705

Georgi Guninski discovered an integer overflow in the JavaScript engine that might allow remote attackers to execute arbitrary code.

- CAN-2005-2706

Remote attackers could execute JavaScript code with chrome privileges via an about: page such as about:mozilla.

- CAN-2005-2707

Remote attackers could spawn windows without user interface components such as the address and status bar that could be used to conduct spoofing or phishing attacks.

- CAN-2005-2968

Peter Zelezny discovered that shell metacharacters are not properly escaped when they are passed to a shell script and allow the execution of arbitrary commands, e.g. when a malicious URL is automatically copied from another program into Mozilla as default browser.


Upgrade the mozilla package.

For the stable distribution (sarge) these problems have been fixed in version 1.7.8-1sarge3.

See Also

Plugin Details

Severity: High

ID: 20063

File Name: debian_DSA-866.nasl

Version: 1.21

Type: local

Agent: unix

Published: 10/20/2005

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent

Risk Information


Risk Factor: High

Score: 8.6


Risk Factor: High

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:mozilla, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 10/20/2005

Vulnerability Publication Date: 9/8/2005

Reference Information

CVE: CVE-2005-2701, CVE-2005-2702, CVE-2005-2703, CVE-2005-2704, CVE-2005-2705, CVE-2005-2706, CVE-2005-2707, CVE-2005-2871, CVE-2005-2968

DSA: 866

CWE: 94