CVE-2004-1613

First published: Mon Oct 18 2004(Updated: )

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Mozilla	=1.4.2
Mozilla Mozilla	=1.0.1
SGI ProPack	=3.0
Mozilla Mozilla	=1.2.1
Mozilla Mozilla	=1.0-rc1
Mozilla Mozilla	=1.2-alpha
Mozilla Mozilla	=1.7
Mozilla Mozilla	=1.1-beta
Mozilla Mozilla	=1.0-rc2
Mozilla Mozilla	=1.4.1
Mozilla Mozilla	=1.4-beta
Mozilla Mozilla	=1.2
Mozilla Mozilla	=1.4.4
Mozilla Mozilla	=1.3
Mozilla Mozilla	=1.2-beta
Mozilla Mozilla	=1.0
Mozilla Mozilla	=1.4
Mozilla Mozilla	=1.5
Mozilla Mozilla	=1.7.1
Mozilla Mozilla	=1.4-alpha
Mozilla Mozilla	=1.1
Mozilla Mozilla	=1.1-alpha
Mozilla Mozilla	=1.7.2
Mozilla Mozilla	=1.0.2
Mozilla Mozilla	=1.8-alpha2
Mozilla Mozilla	=1.7-rc3
Mozilla Mozilla	=1.7.3
Mozilla Mozilla	=1.3.1
Mozilla Mozilla	=1.6
Redhat Fedora Core	=core_2.0
Redhat Linux	=7.3
Redhat Enterprise Linux Desktop	=3.0
Redhat Enterprise Linux	=3.0
Redhat Enterprise Linux	=2.1
Redhat Linux Advanced Workstation	=2.1
Redhat Enterprise Linux	=2.1
Redhat Fedora Core	=core_1.0
Redhat Linux	=7.3
Redhat Linux	=9.0
Redhat Enterprise Linux	=3.0
Redhat Enterprise Linux	=2.1
Redhat Linux	=7.3
Redhat Enterprise Linux	=3.0

Remedy

http://www.redhat.com/support/errata/RHSA-2005-323.html

Remedy

http://www.securityfocus.com/bid/11439

Never miss a vulnerability like this again

Reference Links

collector/nvd-historical
collector/nvd-index
agent/references
agent/weakness
agent/type
agent/event
agent/severity
agent/author
agent/description
agent/remedy
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/mozilla
canonical/mozilla mozilla
version/mozilla mozilla/1.4.2
version/mozilla mozilla/1.0.1
vendor/sgi
canonical/sgi propack
version/sgi propack/3.0
version/mozilla mozilla/1.2.1
version/mozilla mozilla/1.0-rc1
version/mozilla mozilla/1.2-alpha
version/mozilla mozilla/1.7
version/mozilla mozilla/1.1-beta
version/mozilla mozilla/1.0-rc2
version/mozilla mozilla/1.4.1
version/mozilla mozilla/1.4-beta
version/mozilla mozilla/1.2
version/mozilla mozilla/1.4.4
version/mozilla mozilla/1.3
version/mozilla mozilla/1.2-beta
version/mozilla mozilla/1.0
version/mozilla mozilla/1.4
version/mozilla mozilla/1.5
version/mozilla mozilla/1.7.1
version/mozilla mozilla/1.4-alpha
version/mozilla mozilla/1.1
version/mozilla mozilla/1.1-alpha
version/mozilla mozilla/1.7.2
version/mozilla mozilla/1.0.2
version/mozilla mozilla/1.8-alpha2
version/mozilla mozilla/1.7-rc3
version/mozilla mozilla/1.7.3
version/mozilla mozilla/1.3.1
version/mozilla mozilla/1.6
vendor/redhat
canonical/redhat fedora core
version/redhat fedora core/core_2.0
canonical/redhat linux
version/redhat linux/7.3
canonical/redhat enterprise linux desktop
version/redhat enterprise linux desktop/3.0
canonical/redhat enterprise linux
version/redhat enterprise linux/3.0
version/redhat enterprise linux/2.1
canonical/redhat linux advanced workstation
version/redhat linux advanced workstation/2.1
version/redhat fedora core/core_1.0
version/redhat linux/9.0

CVE-2004-1613

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact