CVE Vulnerabilities

CVE-2007-5896

Published: Nov 08, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.1 HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu
LOW

Mozilla Firefox 2.0.0.9 allows remote attackers to cause a denial of service (CPU consumption and crash) via an iframe with Javascript that sets the document.location to contain a leading NULL byte (x00) and a (1) res://, (2) about:config, or (3) file:/// URI.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 2.0.0.9 (including) 2.0.0.9 (including)
Firefox Ubuntu dapper *
Firefox Ubuntu edgy *
Firefox Ubuntu feisty *
Firefox Ubuntu gutsy *
Firefox Ubuntu hardy *

References