Vulnerability Note VU#573857
Mozilla-based browsers contain a buffer overflow in handling URIs containing a malformed IDN hostname
A vulnerability in the way Mozilla products and derivative programs handle certain malformed URIs could allow a remote attacker to execute arbitrary code on a vulnerable system.
Mozilla products, including the Mozilla Suite, and Mozilla Firefox are vulnerable to a buffer overflow in the way they handle URIs containing certain IDN encoded hostnames. An error in the conversion of a hostname consisting of Unicode "soft hyphen" characters (U+00AD) to the UTF-8 character set will cause a buffer overflow. By convincing a user to view an HTML document (e.g., via a web page or email message), an attacker could execute arbitrary code with the privileges of the user running the vulnerable application.
Note: Exploit code for this vulnerability is publicly available.
A remote attacker may be able to execute arbitrary code on a vulnerable system. The code would be executed in the context of the user running the vulnerable browser. In some instances, exploitation may only cause the browser to crash, resulting in a denial of service.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Fedora Project||Affected||-||19 Sep 2005|
|Gentoo Linux||Affected||-||19 Sep 2005|
|Mozilla, Inc.||Affected||09 Sep 2005||09 Sep 2005|
|Red Hat, Inc.||Affected||-||16 Sep 2005|
|Ubuntu||Affected||-||16 Sep 2005|
CVSS Metrics (Learn More)
This vulnerability was reported by Tom Ferris.
This document was written by Chad Dougherty and Will Dormann.
- CVE IDs: CAN-2005-2871
- Date Public: 09 Sep 2005
- Date First Published: 09 Sep 2005
- Date Last Updated: 23 Sep 2005
- Severity Metric: 19.12
- Document Revision: 24
If you have feedback, comments, or additional information about this vulnerability, please send us email.