Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing (backslash) character, which prevents a string from being NULL terminated.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mozilla | Mozilla | 1.7 | 1.7 |
Mozilla | Mozilla | 1.7 | 1.7 |
Mozilla | Mozilla | 1.5 | 1.5 |
Mozilla | Mozilla | 1.7 | 1.7 |
Mozilla | Mozilla | 1.6 | 1.6 |
Mozilla | Mozilla | 1.4.1 | 1.4.1 |
Mozilla | Mozilla | 1.5 | 1.5 |
Mozilla | Mozilla | 1.5 | 1.5 |
Mozilla | Mozilla | 1.3 | 1.3 |
Mozilla | Mozilla | 1.7 | 1.7 |
Mozilla | Mozilla | 1.4 | 1.4 |
Mozilla | Mozilla | 1.5 | 1.5 |
Mozilla | Mozilla | * | * |
Mozilla | Mozilla | 1.7.1 | 1.7.1 |
Mozilla | Mozilla | 1.4 | 1.4 |
Mozilla | Mozilla | 1.5.1 | 1.5.1 |
Mozilla | Mozilla | 1.7.2 | 1.7.2 |
Mozilla | Mozilla | 1.7 | 1.7 |
Mozilla | Mozilla | 1.7 | 1.7 |
Mozilla | Mozilla | 1.7.3 | 1.7.3 |
Mozilla | Mozilla | 1.6 | 1.6 |
Mozilla | Mozilla | 1.6 | 1.6 |