Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2005-4720HistoryFeb 15, 2006 - 11:00 a.m.
CVE-2005-4720
2006-02-1511:00:00
Debian Security Bug Tracker
security-tracker.debian.org
13
mozilla
firefox
denial of service
linux
iframe
remote attackers
client crash
floating-point numbers
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.038
Percentile
92.0%
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | firefox | < 1.5.dfsg-1 | firefox_1.5.dfsg-1_all.deb |
Related
cvelist
cvelist
CVE-2005-4720
2006-02-15 11:00:00
ubuntucve
ubuntucve
CVE-2005-4720
2005-12-31 00:00:00
cve
cve
CVE-2005-4720
2006-02-15 11:00:00
nvd
nvd
CVE-2005-4720
2005-12-31 05:00:00
exploitdb
exploitdb
Mozilla Firefox 1.0.6/1.0.7 - iFrame Handling Denial of Service
2005-10-05 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1044-1)
2008-01-17 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
0.038
Percentile
92.0%
Related for DEBIANCVE:CVE-2005-4720