Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2005-2871

Published: 9 September 2005

Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.

Priority

Unknown

Status

Package Release Status
mozilla-thunderbird
Launchpad, Ubuntu, Debian
dapper
Released (1.5.0.13-0ubuntu0.6.06)
edgy
Released (1.5.0.13-0ubuntu0.6.10)
feisty
Released (1.5.0.13-0ubuntu0.7.04)
upstream Needs triage

firefox
Launchpad, Ubuntu, Debian
dapper
Released (1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
edgy
Released (2.0.0.6+0dfsg-0ubuntu0.6.10)
feisty
Released (2.0.0.6+1-0ubuntu1)
upstream Needs triage

firefox-granparadiso
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty Does not exist

upstream Needs triage

midbrowser
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty Does not exist

upstream Needs triage

mozilla
Launchpad, Ubuntu, Debian
dapper
Released (1.7.12-1.1ubuntu2)
edgy
Released (1.7.12-1.1ubuntu2)
feisty Does not exist

upstream Needs triage

lightning-sunbird
Launchpad, Ubuntu, Debian
dapper Does not exist

edgy Does not exist

feisty Does not exist

upstream Needs triage