{ "id": "CVE-2005-4134", "sourceIdentifier": "cve@mitre.org", "published": "2005-12-09T15:03:00.000", "lastModified": "2024-11-21T00:03:31.373", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "baseScore": 5.0, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:*:*:*:*:*:*:*:*", "versionEndIncluding": "0.9", "matchCriteriaId": "EC0A29B9-A7D3-4A5A-B21A-D701D0A10C76" }, { "vulnerable": true, "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.7:*:*:*:*:*:*:*", "matchCriteriaId": "328AFACF-FDA7-4FB5-A85E-4F349453301F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.7_service_pack_1:*:*:*:*:*:*:*", "matchCriteriaId": "ADCDD160-5239-47C5-AE7D-6060FB6E0037" }, { "vulnerable": true, "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8:*:*:*:*:*:*:*", "matchCriteriaId": "82A07303-9E74-4409-9853-8EC283734B64" }, { "vulnerable": true, "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C6CAF6A-4E33-444F-B2DF-A270428B8C9E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:k-meleon_project:k-meleon:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "9BD39C88-D4B7-4F7D-81AC-F99A143B82E2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.5", "matchCriteriaId": "2FC40790-BCBF-4609-A7DC-5659B2233B7B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:*", "versionEndIncluding": "1.7.12", "matchCriteriaId": "EF9D2443-9389-42B0-BF93-3ADC1B7325EC" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:*", "versionEndIncluding": "8.0.40", "matchCriteriaId": "F337E57D-2918-4141-8842-A9D58DB922E5" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C1BC491-9C5A-46D5-B6C3-5A8E5A1A0AF3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "842CBD30-B4BA-4FCF-9152-9DBEBE59857C" } ] } ] } ], "references": [ { "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt", "source": "cve@mitre.org" }, { "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=full-disclosure&m=113404911919629&w=2", "source": "cve@mitre.org" }, { "url": "http://marc.info/?l=full-disclosure&m=113405896025702&w=2", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/17934", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/17944", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/17946", "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/18700", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/18704", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/18705", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/18706", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/18708", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/18709", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19230", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19746", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19759", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19852", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19862", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19863", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19902", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/19941", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/21033", "source": "cve@mitre.org" }, { "url": "http://secunia.com/advisories/21622", "source": "cve@mitre.org" }, { "url": "http://securitytracker.com/id?1015328", "source": "cve@mitre.org" }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1", "source": "cve@mitre.org" }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1", "source": "cve@mitre.org" }, { "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2006/dsa-1044", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2006/dsa-1046", "source": "cve@mitre.org" }, { "url": "http://www.debian.org/security/2006/dsa-1051", "source": "cve@mitre.org" }, { "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml", "source": "cve@mitre.org" }, { "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml", "source": "cve@mitre.org" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036", "source": "cve@mitre.org" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037", "source": "cve@mitre.org" }, { "url": "http://www.mozilla.org/security/announce/mfsa2006-03.html", "source": "cve@mitre.org" }, { "url": "http://www.mozilla.org/security/history-title.html", "source": "cve@mitre.org" }, { "url": "http://www.networksecurity.fi/advisories/netscape-history.html", "source": "cve@mitre.org" }, { "url": "http://www.osvdb.org/21533", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/support/errata/RHSA-2006-0199.html", "source": "cve@mitre.org" }, { "url": "http://www.redhat.com/support/errata/RHSA-2006-0200.html", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/425975/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/425978/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/15773", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/16476", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2005/2805", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2006/0413", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2006/3391", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382", "source": "cve@mitre.org" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619", "source": "cve@mitre.org" }, { "url": "https://usn.ubuntu.com/271-1/", "source": "cve@mitre.org" }, { "url": "https://usn.ubuntu.com/275-1/", "source": "cve@mitre.org" }, { "url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://marc.info/?l=full-disclosure&m=113404911919629&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://marc.info/?l=full-disclosure&m=113405896025702&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/17934", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/17944", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/17946", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ] }, { "url": "http://secunia.com/advisories/18700", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/18704", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/18705", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/18706", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/18708", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/18709", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19230", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19746", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19759", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19852", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19862", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19863", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19902", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/19941", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/21033", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://secunia.com/advisories/21622", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://securitytracker.com/id?1015328", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.debian.org/security/2006/dsa-1044", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.debian.org/security/2006/dsa-1046", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.debian.org/security/2006/dsa-1051", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:036", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:037", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.mozilla.org/security/announce/mfsa2006-03.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.mozilla.org/security/history-title.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.networksecurity.fi/advisories/netscape-history.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.osvdb.org/21533", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.redhat.com/support/errata/RHSA-2006-0199.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.redhat.com/support/errata/RHSA-2006-0200.html", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/425975/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/425978/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/archive/1/438730/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/15773", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.securityfocus.com/bid/16476", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.vupen.com/english/advisories/2005/2805", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.vupen.com/english/advisories/2006/0413", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "http://www.vupen.com/english/advisories/2006/3391", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11382", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1619", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://usn.ubuntu.com/271-1/", "source": "af854a3a-2127-422b-91ae-364da2661108" }, { "url": "https://usn.ubuntu.com/275-1/", "source": "af854a3a-2127-422b-91ae-364da2661108" } ], "evaluatorSolution": "This issue was fixed in K-Meleon version 0.9.12." }