Mozilla : Security Vulnerabilities, CVEs, Published In September 2005 (Denial of service)

CVE-2005-3089

Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.
Max CVSS
2.6
EPSS Score
9.37%
Published
2005-09-28
Updated
2017-10-11

CVE-2005-2871

Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
Max CVSS
7.5
EPSS Score
96.42%
Published
2005-09-09
Updated
2018-05-03

CVE-2005-2702

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
Max CVSS
7.5
EPSS Score
92.99%
Published
2005-09-23
Updated
2017-10-11
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close