CAN-2005-3089: denial of service in Firefox
Martin Schulze
joey at infodrom.org
Wed Sep 28 19:47:37 UTC 2005
Here's another one:
Reference: MISC:https://bugzilla.mozilla.org/show_bug.cgi?id=302100
Reference: MISC:http://www.mozilla.org/products/firefox/releases/1.0.7.html
Reference: BID:14924
Reference: URL:http://www.securityfocus.com/bid/14924
Reference: OSVDB:19615
Reference: URL:http://www.osvdb.org/19615
Reference: SECTRACK:1014949
Reference: URL:http://securitytracker.com/id?1014949
Reference: XF:mozillafirefox-proxy-dos(22371)
Reference: URL:http://xforce.iss.net/xforce/xfdb/22371
Firefox 1.0.6 allows attackers to cause a denial of service (crash)
via a Proxy Auto-Config (PAC) script that uses an eval statement.
NOTE: it is not clear whether an untrusted party has any role in
triggering this issue, so it might not be a vulnerability.
Regards,
Joey
--
The good thing about standards is that there are so many to choose from.
-- Andrew S. Tanenbaum
More information about the pkg-mozilla-maintainers
mailing list