tags 327366 + upstream fixed-upstream patch
severity 327366 critical
merge 327366 327455
retitle 327366 [CAN-2005-2871] IDN buffer overflow [MFSA 2005-57]
thanks
Hi,
On Fri, Sep 09, 2005, Sam Morris wrote:
> A buffer overflow vulnerability exists within Firefox version 1.0.6 and
> all other prior versions which allows for an attacker to remotely execute
> arbitrary code on an affected host.
When reporting bugs against Epiphany or Galeon, please check whether
Mozilla, their engine, is affected. In the future, the engine of these
browsers might switch from Mozilla to Firefox though.
> The problem seems to be when a hostname which has all dashes causes the
> NormalizeIDN call in nsStandardURL::BuildNormalizedSpec to return true,
> but is sets encHost to an empty string.
This is "fixed" in Mozilla 1.7.12 by disabling IDN and/or installing a
patch as explained at:
<https://addons.mozilla.org/messages/307259.html>
Bye,
--
Loïc Minier <[EMAIL PROTECTED]>
