First published: Mon Oct 18 2004(Updated: )
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox | =1.4.2 | |
Mozilla Firefox | =1.0.1 | |
SGI ProPack | =3.0 | |
Mozilla Firefox | =1.2.1 | |
Mozilla Firefox | =1.0-rc1 | |
Mozilla Firefox | =1.2-alpha | |
Mozilla Firefox | =1.7 | |
Mozilla Firefox | =1.1-beta | |
Mozilla Firefox | =1.0-rc2 | |
Mozilla Firefox | =1.4.1 | |
Mozilla Firefox | =1.4-beta | |
Mozilla Firefox | =1.2 | |
Mozilla Firefox | =1.4.4 | |
Mozilla Firefox | =1.3 | |
Mozilla Firefox | =1.2-beta | |
Mozilla Firefox | =1.0 | |
Mozilla Firefox | =1.4 | |
Mozilla Firefox | =1.5 | |
Mozilla Firefox | =1.7.1 | |
Mozilla Firefox | =1.4-alpha | |
Mozilla Firefox | =1.1 | |
Mozilla Firefox | =1.1-alpha | |
Mozilla Firefox | =1.7.2 | |
Mozilla Firefox | =1.0.2 | |
Mozilla Firefox | =1.8-alpha2 | |
Mozilla Firefox | =1.7-rc3 | |
Mozilla Firefox | =1.7.3 | |
Mozilla Firefox | =1.3.1 | |
Mozilla Firefox | =1.6 | |
Red Hat Fedora Core | =core_2.0 | |
Red Hat Linux | =7.3 | |
Red Hat Enterprise Linux Desktop | =3.0 | |
Red Hat Enterprise Linux | =3.0 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Linux Advanced Workstation | =2.1 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Fedora Core | =core_1.0 | |
Red Hat Linux | =7.3 | |
Red Hat Linux | =9.0 | |
Red Hat Enterprise Linux | =3.0 | |
Red Hat Enterprise Linux | =2.1 | |
Red Hat Linux | =7.3 | |
Red Hat Enterprise Linux | =3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2004-1613 has been classified as a moderate severity vulnerability.
To fix CVE-2004-1613, update your Mozilla browser to a version that is not affected by this vulnerability.
CVE-2004-1613 affects multiple versions of the Mozilla browser, including 1.0, 1.4, and various 1.7 releases.
CVE-2004-1613 allows remote attackers to cause a denial of service resulting in application crashes.
The vulnerability in CVE-2004-1613 can be triggered by specific HTML elements such as TEXTAREA, INPUT, FRAMESET, or IMG tags followed by a null character.