Closed
Bug 307722
Opened 19 years ago
Closed 19 years ago
Secunia SA16764 URL Domain Name Buffer Overflow
Categories
(Firefox :: Security, defect)
Tracking
()
VERIFIED
DUPLICATE
of bug 307259
People
(Reporter: TechMason, Unassigned)
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4 From http://secunia.com/advisories/16764/ Tom Ferris has discovered a vulnerability in Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially to compromise a user's system. The vulnerability is caused due to an error in the handling of an URL that contains the 0xAD character in its domain name. This can be exploited to cause a heap-based buffer overflow. Successful exploitation crashes Firefox and may potentially allow code execution but requires that the user is tricked into visiting a malicious web site or open a specially crafted HTML file. The vulnerability has been confirmed in version 1.0.6, and is reported to affect versions prior to 1.0.6, and version 1.5 Beta 1. Reproducible: Always Steps to Reproduce: 1.Visit a site with the 0xAD character in its domain name Actual Results: Crash with the potential to allow code execution Expected Results: No crash and no potential to allow code execution
*** This bug has been marked as a duplicate of 307259 ***
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Updated•19 years ago
|
Group: security
Comment 2•19 years ago
|
||
Tom Ferris himself reported that he already filed a bug : <http://security-protocols.com/advisory/sp-x17-advisory.txt>. There's no reason to report this again.
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•