CVE-2005-4720
CVE-2005-4720
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/26325unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.mozilla.org/show_bug.cgi?id=303433http://secunia.com/advisories/17071http://security-protocols.com/modules.php?name=News&file=article&sid=2978http://securitytracker.com/id?1015011http://www.securityfocus.com/bid/15015http://www.security-protocols.com/advisory/sp-x19-advisory.txt