- Home
- CVEs with nessus.description==The remote host is affected by the vulnerability described in GLSA-200509-11 (Mozilla Suite, Mozilla Firefox: Multiple vulnerabilities)
The Mozilla Suite and Firefox are both vulnerable to the following issues:
Tom Ferris reported a heap overflow in IDN-enabled browsers with malicious Host: headers (CAN-2005-2871).
'jackerror' discovered a heap overrun in XBM image processing (CAN-2005-2701).
Mats Palmgren reported a potentially exploitable stack corruption using specific Unicode sequences (CAN-2005-2702).
Georgi Guninski discovered an integer overflow in the JavaScript engine (CAN-2005-2705) Other issues ranging from DOM object spoofing to request header spoofing were also found and fixed in the latest versions (CAN-2005-2703, CAN-2005-2704, CAN-2005-2706, CAN-2005-2707).
The Gecko engine in itself is also affected by some of these issues and has been updated as well.
Impact :
A remote attacker could setup a malicious site and entice a victim to visit it, potentially resulting in arbitrary code execution with the victim's privileges or facilitated spoofing of known websites.
Workaround :
There is no known workaround for all the issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top