1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
PublicDate: 2007-11-08
Candidate: CVE-2007-5896
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5896
Description:
Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of
service (CPU consumption and crash) via an iframe with Javascript that sets
the document.location to contain a leading NULL byte (\x00) and a (1)
res://, (2) about:config, or (3) file:/// URI.
Ubuntu-Description:
Notes:
jdstrand> browser crash is not a security vulnerability
Bugs:
Priority: low
Assigned-to:
upstream_firefox: needs-triage
dapper_firefox: ignored
edgy_firefox: needs-triage (reached end-of-life)
feisty_firefox: needs-triage (reached end-of-life)
gutsy_firefox: ignored
hardy_firefox: ignored
intrepid_firefox: DNE
devel_firefox: DNE
|