CVE-2005-2871

Impact:
Critical
Public Date:
2005-09-09

The MITRE CVE dictionary describes this issue as:

Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.

Find out more about CVE-2005-2871 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 3 (mozilla) RHSA-2005:769 2005-09-10
Red Hat Enterprise Linux version 4 (thunderbird) RHSA-2005:791 2005-10-06
Red Hat Enterprise Linux version 2.1 (mozilla) RHSA-2005:769 2005-09-10
Red Hat Enterprise Linux version 4 (mozilla) RHSA-2005:769 2005-09-10
Red Hat Enterprise Linux version 4 (firefox) RHSA-2005:768 2005-09-09