VDB
CVE-2005-4134
CVE-2005-4134
PUBLISHED
CVSS 5 MEDIUM
Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
EPSS 27.69% · 96.5th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
27.69%
96.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| netscape | navigator | 7.1, 7.2, 0 |
| mozilla | firefox | 0 |
| k-meleon_project | k-meleon | 0.8, 0.8.1, 0.8.2 |
| mozilla | mozilla_suite | 0 |
| n/a | n/a | * |
Timeline
- Dec 9, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 3, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
References
- MDKSA-2006:036 vendor-advisory
- USN-275-1 vendor-advisory
- 19902 third-party-advisory
- 21533 vdb
- MDKSA-2006:037 vendor-advisory
- 17944 third-party-advisory
- HPSBUX02122 vendor-advisory
- 19941 third-party-advisory
- 17946 third-party-advisory
- 20051208 Re: re: Firefox 1.5 buffer overflow (poc) mailing-list
- FEDORA-2006-075 vendor-advisory
- GLSA-200604-12 vendor-advisory
- 21622 third-party-advisory
- 19862 third-party-advisory
- 19230 third-party-advisory
- 18704 third-party-advisory
- http://www.networksecurity.fi/advisories/netscape-history.html url
- http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm url
- DSA-1051 vendor-advisory
- 18709 third-party-advisory
…and 37 more