Ubuntu
mozilla package

[CVE-2005-1790] DoS against Mozilla-based browsers

Bug #26038 reported by Debian Bug Importer
274
Affects Status Importance Assigned to Milestone
mozilla (Debian)
Fix Released
Unknown
mozilla (Ubuntu)
Won't Fix
High
Mozilla Bugs
Nominated for Dapper by towsonu2003
Nominated for Edgy by towsonu2003
Nominated for Feisty by Christian Reis (test account)

Bug Description

Automatically imported from Debian bug report #340282 http://bugs.debian.org/340282

See original description

CVE References

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #340282 http://bugs.debian.org/340282

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Tue, 22 Nov 2005 12:33:19 +0100
From: Florian Weimer <email address hidden>
To: <email address hidden>
Subject: [CVE-2005-1790] DoS against Mozilla-based browsers

Package: mozilla-browser
Version: 1.7.12-1
Severity: grave
Tags: security

An exploit for CVE-2005-1790, a bug originally classified as IE-only,
causes Mozilla-based browsers to crash. See the proof of concept
exploit (for IE) at:

  <http://www.computerterrorism.com/research/ie/ct21-11-2005>

The CVE name is provisional, maybe another one will be assigned.

Revision history for this message
In , Alexander Sack (asac) wrote : retitle [CVE-2005-3896] DoS via BODY onload

retitle 340282 [CVE-2005-3896] DoS via BODY onload
thanks

looks like this ended up in CVE-2005-3896.

 - Alexander

--
 GPG messages preferred. | .''`. ** Debian GNU/Linux **
 Alexander Sack | : :' : The universal
 <email address hidden> | `. `' Operating System
 http://www.asoftsite.org | `- http://www.debian.org

Revision history for this message
Alex Vaughn (aevaughn) wrote :

similar to bug#26039, except 26039 is for firefox.

Changed in mozilla:
assignee: nobody → ijackson
Ian Jackson (ijackson)
Changed in mozilla:
assignee: ijackson → nobody
Revision history for this message
towsonu2003 (towsonu2003) wrote :

hangs browser

Changed in mozilla:
status: Unconfirmed → Confirmed
Revision history for this message
towsonu2003 (towsonu2003) wrote :

browser: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.7) Gecko/20060914 Firefox/1.5.0.7

if 1.5.0.7 hangs, dapper's and older should hang as well.

Revision history for this message
In , Mike Hommey (mh-glandium) wrote :

On Tue, Nov 22, 2005 at 12:33:19PM +0100, Florian Weimer <email address hidden> wrote:
> Package: mozilla-browser
> Version: 1.7.12-1
> Severity: grave
> Tags: security
>
> An exploit for CVE-2005-1790, a bug originally classified as IE-only,
> causes Mozilla-based browsers to crash. See the proof of concept
> exploit (for IE) at:
>
> <http://www.computerterrorism.com/research/ie/ct21-11-2005>
>
> The CVE name is provisional, maybe another one will be assigned.

As far as I can see, this doesn't do anything on mozilla 1.8 branch based
software such as iceweasel or iceape, which provides mozilla-browser,
now.

Please reopen if you think iceape is still affected, as well as evidence
about it ;)

Mike

Bug Watch Updater (bug-watch-updater)
Changed in mozilla:
status: Unconfirmed → Fix Released
Marco Rodrigues (gothicx)
Changed in mozilla:
status: Confirmed → Fix Released
Revision history for this message
Marco Rodrigues (gothicx) wrote :

Still an issue on Dapper!

Changed in mozilla:
status: Fix Released → Confirmed
Revision history for this message
Alexander Sack (asac) wrote :

is there a mozilla bug for this issue?

Marco Rodrigues (gothicx)
Changed in mozilla:
assignee: nobody → mozilla-bugs
Revision history for this message
Alexander Sack (asac) wrote :

ok according to debian bug its fixed in 1.7 branch ... so we don't have this issue in feisty/gutsy ... dapper and edgy might be affected ... however its "just" a DoS ... which unless there is evidence of memory corruption is usually not classified as a security issue for mozillas.

Revision history for this message
Alexander Sack (asac) wrote :

setting for those distributions that still have 1.7 branch to Won't Fix.

Changed in mozilla:
status: Confirmed → Won't Fix
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Duplicates of this bug

Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.