1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
PublicDate: 2005-12-09
Candidate: CVE-2005-4134
References:
http://www.ubuntu.com/usn/usn-271-1
http://www.ubuntu.com/usn/usn-275-1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4134
Description:
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12
allows remote attackers to cause a denial of service (CPU consumption and
delayed application startup) via a web site with a large title, which is
recorded in history.dat but not processed efficiently during startup.
NOTE: despite initial reports, the Mozilla vendor does not believe that
this issue can be used to trigger a crash or buffer overflow in Firefox.
Also, it has been independently reported that Netscape 8.1 does not have
this issue.
Ubuntu-Description:
Notes:
Bugs:
dapper_midbrowser: DNE
edgy_midbrowser: DNE
feisty_midbrowser: DNE
devel_midbrowser: released (0.1.6b-0ubuntu2)
dapper_firefox-granparadiso: DNE
edgy_firefox-granparadiso: DNE
feisty_firefox-granparadiso: DNE
devel_firefox-granparadiso: released (3.0~alpha7-0ubuntu6)
dapper_lightning-sunbird: DNE
edgy_lightning-sunbird: DNE
feisty_lightning-sunbird: DNE
devel_lightning-sunbird: released (0.5-0ubuntu4)
dapper_firefox: released (1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
edgy_firefox: released (2.0.0.6+0dfsg-0ubuntu0.6.10)
feisty_firefox: released (2.0.0.6+1-0ubuntu1)
devel_firefox: not-affected
upstream_firefox:
upstream_firefox-granparadiso:
upstream_lightning-sunbird:
upstream_midbrowser:
|