CVE Vulnerabilities

CVE-2005-4720

Published: Dec 31, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 1.0.6 (including) 1.0.6 (including)
Firefox Mozilla 1.0.7 (including) 1.0.7 (including)

References