HTTP: Mozilla Firefox Host IDN Illegal Character
This signature detects attempts to exploit a known vulnerability in the Mozilla browser family. An attacker can configure a host with a malicious Web page that, when visited, can crash the browser viewing the page or can execute arbitrary code.
Extended Description
Mozilla/Netscape/Firefox are reported prone to a remote buffer-overflow vulnerability when handling a malformed URI. A successful attack may result in a crash of the application or the execution of arbitrary code. Firefox 1.0.6 and 1.5 Beta 1 are vulnerable to this issue. Mozilla 1.7.11 and Netscape 8.0.3.3 and 7.2 are affected as well.
Affected Products
Mozilla browser
References
BugTraq: 14784
CVE: CVE-2005-2871
URL: http://www.security-protocols.com/advisory/sp-x17-advisory.txt
Short Name
HTTP:STC:MOZILLA:HOST-MAL-IDN
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2005-2871 Character Firefox Host IDN Illegal Mozilla bid:14784
Release Date
09/13/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Conectiva
Gentoo
Hp
Mozilla
Turbolinux
Debian
Sgi
Slackware
Ubuntu
Mandriva
Netscape
CVSS Score
7.5