CVE-2005-2871

Public Exploit

Description

Buffer overflow in the International Domain Name (IDN) support in Mozilla Firefox 1.0.6 and earlier, and Netscape 8.0.3.3 and 7.2, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a hostname with all "soft" hyphens (character 0xAD), which is not properly handled by the NormalizeIDN call in nsStandardURL::BuildNormalizedSpec.

7.5

CVSS

Severity: High

CVSS 2.0 •

EPSS 51.59% Top 5%

Vendor Advisory debian.org Vendor Advisory redhat.com Vendor Advisory debian.org Vendor Advisory ubuntu.com Vendor Advisory redhat.com Vendor Advisory debian.org Vendor Advisory redhat.com Vendor Advisory redhat.com Vendor Advisory gentoo.org Vendor Advisory mandriva.com Vendor Advisory security-protocols.com

Affected: n/a n/a

References

Link	Tags
http://www.kb.cert.org/vuls/id/573857	third party advisory us government resource
http://www.debian.org/security/2005/dsa-868	vendor advisory
http://www.vupen.com/english/advisories/2005/1824	vdb entry
http://www.redhat.com/archives/fedora-legacy-announce/2006-January/msg00004.html	vendor advisory
http://www.vupen.com/english/advisories/2005/1690	vdb entry
http://securityreason.com/securityalert/83	third party advisory
http://secunia.com/advisories/16767	third party advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1287	vdb entry signature
http://www.vupen.com/english/advisories/2005/1691	vdb entry
http://secunia.com/advisories/16764	third party advisory
http://www.debian.org/security/2005/dsa-837	vendor advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A584	vdb entry signature
http://www.ubuntu.com/usn/usn-181-1	vendor advisory
http://www.redhat.com/support/errata/RHSA-2005-791.html	vendor advisory
http://secunia.com/advisories/17042	third party advisory
http://www.securityfocus.com/bid/14784	vdb entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9608	vdb entry signature
http://secunia.com/advisories/16766	third party advisory
http://www.debian.org/security/2005/dsa-866	vendor advisory
http://www.security-protocols.com/advisory/sp-x17-advisory.txt	exploit vendor advisory
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0316.html	mailing list
http://www.redhat.com/support/errata/RHSA-2005-769.html	vendor advisory
http://securitytracker.com/id?1014877	vdb entry
http://www.mozilla.org/security/announce/mfsa2005-57.html
http://www.securiteam.com/securitynews/5RP0B0UGVW.html
http://secunia.com/advisories/17284	third party advisory
http://www.osvdb.org/19255	vdb entry
http://secunia.com/advisories/17263	third party advisory
http://www.redhat.com/support/errata/RHSA-2005-768.html	vendor advisory
http://www.ciac.org/ciac/bulletins/p-303.shtml	third party advisory government resource
http://www.gentoo.org/security/en/glsa/glsa-200509-11.xml	vendor advisory
http://www.security-protocols.com/firefox-death.html	exploit
https://bugzilla.mozilla.org/show_bug.cgi?id=307259
http://www.mandriva.com/security/advisories?name=MDKSA-2005:174	vendor advisory
http://secunia.com/advisories/17090	third party advisory
http://marc.info/?l=full-disclosure&m=112624614008387&w=2	mailing list
https://exchange.xforce.ibmcloud.com/vulnerabilities/22207	vdb entry

Frequently Asked Questions

What is the severity of CVE-2005-2871?: CVE-2005-2871 has been scored as a high severity vulnerability.
How to fix CVE-2005-2871?: To fix CVE-2005-2871, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2005-2871 being actively exploited in the wild?: It is possible that CVE-2005-2871 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~52% probability that this vulnerability will be exploited by malicious actors in the next 30 days.