Mozilla : Security Vulnerabilities, CVEs, Published In September 2005 (Denial of service)
Firefox 1.0.6 allows attackers to cause a denial of service (crash) via a Proxy Auto-Config (PAC) script that uses an eval statement. NOTE: it is not clear whether an untrusted party has any role in triggering this issue, so it might not be a vulnerability.
Max CVSS
2.6
EPSS Score
9.37%
Published
2005-09-28
Updated
2017-10-11
Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
Max CVSS
7.5
EPSS Score
96.42%
Published
2005-09-09
Updated
2018-05-03
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.
Max CVSS
7.5
EPSS Score
92.99%
Published
2005-09-23
Updated
2017-10-11
3 vulnerabilities found