Debian Bug report logs -
#340282
[CVE-2005-3896] DoS via BODY onload
Reported by: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 22 Nov 2005 11:48:02 UTC
Severity: grave
Tags: security
Found in version mozilla-browser/1.7.12-1
Done: Mike Hommey <mh@glandium.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Takuo KITAME <kitame@debian.org>:
Bug#340282; Package mozilla-browser.
(full text, mbox, link).
Acknowledgement sent to Florian Weimer <fw@deneb.enyo.de>:
New Bug report received and forwarded. Copy sent to Takuo KITAME <kitame@debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: mozilla-browser
Version: 1.7.12-1
Severity: grave
Tags: security
An exploit for CVE-2005-1790, a bug originally classified as IE-only,
causes Mozilla-based browsers to crash. See the proof of concept
exploit (for IE) at:
<http://www.computerterrorism.com/research/ie/ct21-11-2005>
The CVE name is provisional, maybe another one will be assigned.
Information forwarded to debian-bugs-dist@lists.debian.org, Takuo KITAME <kitame@debian.org>:
Bug#340282; Package mozilla-browser.
(full text, mbox, link).
Acknowledgement sent to Alexander Sack <asac@jwsdot.com>:
Extra info received and forwarded to list. Copy sent to Takuo KITAME <kitame@debian.org>.
(full text, mbox, link).
Message #10 received at 340282@bugs.debian.org (full text, mbox, reply):
retitle 340282 [CVE-2005-3896] DoS via BODY onload
thanks
looks like this ended up in CVE-2005-3896.
- Alexander
--
GPG messages preferred. | .''`. ** Debian GNU/Linux **
Alexander Sack | : :' : The universal
asac@jwsdot.com | `. `' Operating System
http://www.asoftsite.org | `- http://www.debian.org
Changed Bug title.
Request was from Alexander Sack <asac@jwsdot.com>
to control@bugs.debian.org.
(full text, mbox, link).
Reply sent to Mike Hommey <mh@glandium.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Florian Weimer <fw@deneb.enyo.de>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #17 received at 340282-done@bugs.debian.org (full text, mbox, reply):
On Tue, Nov 22, 2005 at 12:33:19PM +0100, Florian Weimer <fw@deneb.enyo.de> wrote:
> Package: mozilla-browser
> Version: 1.7.12-1
> Severity: grave
> Tags: security
>
> An exploit for CVE-2005-1790, a bug originally classified as IE-only,
> causes Mozilla-based browsers to crash. See the proof of concept
> exploit (for IE) at:
>
> <http://www.computerterrorism.com/research/ie/ct21-11-2005>
>
> The CVE name is provisional, maybe another one will be assigned.
As far as I can see, this doesn't do anything on mozilla 1.8 branch based
software such as iceweasel or iceape, which provides mozilla-browser,
now.
Please reopen if you think iceape is still affected, as well as evidence
about it ;)
Mike
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Tue, 19 Jun 2007 03:34:31 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:08:37 2019;
Machine Name:
beach
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon