Launchpad CVE tracker

CVE 2004-1316

Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '\' (backslash) character, which prevents a string from being NULL terminated.

Related bugs and status

CVE-2004-1316 (Candidate) is related to these bugs:

Bug #11652: [warty] CAN-2004-1316: DOS due to Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp

Summary				In	Importance	Status
	11652	[warty] CAN-2004-1316: DOS due to Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp		mozilla (Ubuntu)	High	Fix Released
	11652	[warty] CAN-2004-1316: DOS due to Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp		mozilla (Debian)	Unknown	Fix Released

Bug #12680: [warty] IDN support allows domain name spoofing

Summary				In	Importance	Status
	12680	[warty] IDN support allows domain name spoofing		mozilla (Ubuntu)	High	Fix Released
	12680	[warty] IDN support allows domain name spoofing		mozilla (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2004-1316

References