Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and previous versions, and Netscape 8.0.3.3 and 7.2, allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 1.0.5 |
||
mozilla firefox 1.0.6 |
||
mozilla firefox 1.0.1 |
||
mozilla firefox 1.0.2 |
||
mozilla firefox 1.0.3 |
||
mozilla firefox 1.0.4 |
||
mozilla firefox 1.0 |
||
mozilla firefox 1.5 |