PublicDate: 2005-09-09 18:03:00 UTC
Candidate: CVE-2005-2871
References:
 https://ubuntu.com/security/notices/USN-181-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2871
Description:
 Buffer overflow in the International Domain Name (IDN) support in Mozilla
 Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote
 attackers to cause a denial of service (crash) and possibly execute
 arbitrary code via a hostname with all "soft" hyphens (character 0xAD),
 which is not properly handled by the NormalizeIDN call in
 nsStandardURL::BuildNormalizedSpec.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_mozilla-thunderbird: released (1.5.0.13-0ubuntu0.6.06)
edgy_mozilla-thunderbird: released (1.5.0.13-0ubuntu0.6.10)
feisty_mozilla-thunderbird: released (1.5.0.13-0ubuntu0.7.04)
devel_mozilla-thunderbird: DNE
dapper_firefox: released (1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
edgy_firefox: released (2.0.0.6+0dfsg-0ubuntu0.6.10)
feisty_firefox: released (2.0.0.6+1-0ubuntu1)
devel_firefox: released (2.0.0.6+1-0ubuntu1)
dapper_firefox-granparadiso: DNE
edgy_firefox-granparadiso: DNE
feisty_firefox-granparadiso: DNE
devel_firefox-granparadiso: released (3.0~alpha7-0ubuntu6)
dapper_midbrowser: DNE
edgy_midbrowser: DNE
feisty_midbrowser: DNE
devel_midbrowser: released (0.1.6b-0ubuntu2)
dapper_mozilla: released (1.7.12-1.1ubuntu2)
edgy_mozilla: released (1.7.12-1.1ubuntu2)
feisty_mozilla: DNE
devel_mozilla: DNE
dapper_lightning-sunbird: DNE
edgy_lightning-sunbird: DNE
feisty_lightning-sunbird: DNE
devel_lightning-sunbird: released (0.5-0ubuntu4)
upstream_firefox: needs-triage
upstream_firefox-granparadiso: needs-triage
upstream_lightning-sunbird: needs-triage
upstream_midbrowser: needs-triage
upstream_mozilla: needs-triage
upstream_mozilla-thunderbird: needs-triage