CVE-2005-4134

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/12/2005
Last modified:
03/04/2025

Description

Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:k-meleon_project:k-meleon:*:*:*:*:*:*:*:* 0.9 (including)
cpe:2.3:a:k-meleon_project:k-meleon:0.7:*:*:*:*:*:*:*
cpe:2.3:a:k-meleon_project:k-meleon:0.7_service_pack_1:*:*:*:*:*:*:*
cpe:2.3:a:k-meleon_project:k-meleon:0.8:*:*:*:*:*:*:*
cpe:2.3:a:k-meleon_project:k-meleon:0.8.1:*:*:*:*:*:*:*
cpe:2.3:a:k-meleon_project:k-meleon:0.8.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* 1.5 (including)
cpe:2.3:a:mozilla:mozilla_suite:*:*:*:*:*:*:*:* 1.7.12 (including)
cpe:2.3:a:netscape:navigator:*:*:*:*:*:*:*:* 8.0.40 (including)
cpe:2.3:a:netscape:navigator:7.1:*:*:*:*:*:*:*
cpe:2.3:a:netscape:navigator:7.2:*:*:*:*:*:*:*


References to Advisories, Solutions, and Tools