JVN/CVE Demo: Cveinfos

CVE

Id: 15338
CVE No.: CVE-2005-4134
Status: Candidate
Description: Mozilla Firefox 1.5, Netscape 8.0.4 and 7.2, and K-Meleon before 0.9.12 allows remote attackers to cause a denial of service (CPU consumption and delayed application startup) via a web site with a large title, which is recorded in history.dat but not processed efficiently during startup. NOTE: despite initial reports, the Mozilla vendor does not believe that this issue can be used to trigger a crash or buffer overflow in Firefox. Also, it has been independently reported that Netscape 8.1 does not have this issue.
Phase: Assigned (20051209)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
119832	15338	CVE-2005-4134	FULLDISC:20051208 Re: re: Firefox 1.5 buffer overflow (poc)	View
119833	15338	CVE-2005-4134	URL:http://marc.info/?l=full-disclosure&m=113405896025702&w=2	View
119834	15338	CVE-2005-4134	FULLDISC:20051208 re: Firefox 1.5 buffer overflow (poc)	View
119835	15338	CVE-2005-4134	URL:http://marc.info/?l=full-disclosure&m=113404911919629&w=2	View
119836	15338	CVE-2005-4134	MISC:http://www.mozilla.org/security/history-title.html	View
119837	15338	CVE-2005-4134	MISC:http://www.networksecurity.fi/advisories/netscape-history.html	View
119838	15338	CVE-2005-4134	CONFIRM:http://www.mozilla.org/security/announce/mfsa2006-03.html	View
119839	15338	CVE-2005-4134	CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-205.htm	View
119840	15338	CVE-2005-4134	DEBIAN:DSA-1044	View
119841	15338	CVE-2005-4134	URL:http://www.debian.org/security/2006/dsa-1044	View
119842	15338	CVE-2005-4134	DEBIAN:DSA-1046	View
119843	15338	CVE-2005-4134	URL:http://www.debian.org/security/2006/dsa-1046	View
119844	15338	CVE-2005-4134	DEBIAN:DSA-1051	View
119845	15338	CVE-2005-4134	URL:http://www.debian.org/security/2006/dsa-1051	View
119846	15338	CVE-2005-4134	FEDORA:FEDORA-2006-075	View
119847	15338	CVE-2005-4134	URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00005.html	View
119848	15338	CVE-2005-4134	FEDORA:FEDORA-2006-076	View
119849	15338	CVE-2005-4134	URL:http://www.redhat.com/archives/fedora-announce-list/2006-February/msg00006.html	View
119850	15338	CVE-2005-4134	FEDORA:FLSA-2006:180036-2	View
119851	15338	CVE-2005-4134	URL:http://www.securityfocus.com/archive/1/archive/1/425978/100/0/threaded	View
119852	15338	CVE-2005-4134	FEDORA:FLSA:180036-1	View
119853	15338	CVE-2005-4134	URL:http://www.securityfocus.com/archive/1/archive/1/425975/100/0/threaded	View
119854	15338	CVE-2005-4134	GENTOO:GLSA-200604-12	View
119855	15338	CVE-2005-4134	URL:http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml	View
119856	15338	CVE-2005-4134	GENTOO:GLSA-200604-18	View
119857	15338	CVE-2005-4134	URL:http://www.gentoo.org/security/en/glsa/glsa-200604-18.xml	View
119858	15338	CVE-2005-4134	HP:HPSBUX02122	View
119859	15338	CVE-2005-4134	URL:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded	View
119860	15338	CVE-2005-4134	HP:SSRT061158	View
119861	15338	CVE-2005-4134	URL:http://www.securityfocus.com/archive/1/archive/1/438730/100/0/threaded	View
119862	15338	CVE-2005-4134	MANDRIVA:MDKSA-2006:036	View
119863	15338	CVE-2005-4134	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:036	View
119864	15338	CVE-2005-4134	MANDRIVA:MDKSA-2006:037	View
119865	15338	CVE-2005-4134	URL:http://www.mandriva.com/security/advisories?name=MDKSA-2006:037	View
119866	15338	CVE-2005-4134	REDHAT:RHSA-2006:0199	View
119867	15338	CVE-2005-4134	URL:http://www.redhat.com/support/errata/RHSA-2006-0199.html	View
119868	15338	CVE-2005-4134	REDHAT:RHSA-2006:0200	View
119869	15338	CVE-2005-4134	URL:http://www.redhat.com/support/errata/RHSA-2006-0200.html	View
119870	15338	CVE-2005-4134	SCO:SCOSA-2006.26	View
119871	15338	CVE-2005-4134	URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2006.26/SCOSA-2006.26.txt	View
119872	15338	CVE-2005-4134	SGI:20060201-01-U	View
119873	15338	CVE-2005-4134	URL:ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U	View
119874	15338	CVE-2005-4134	SUNALERT:102550	View
119875	15338	CVE-2005-4134	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102550-1	View
119876	15338	CVE-2005-4134	SUNALERT:228526	View
119877	15338	CVE-2005-4134	URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-228526-1	View
119878	15338	CVE-2005-4134	UBUNTU:USN-275-1	View
119879	15338	CVE-2005-4134	URL:http://www.ubuntulinux.org/support/documentation/usn/usn-275-1	View
119880	15338	CVE-2005-4134	UBUNTU:USN-271-1	View
119881	15338	CVE-2005-4134	URL:http://www.ubuntulinux.org/support/documentation/usn/usn-271-1	View
119882	15338	CVE-2005-4134	BID:15773	View
119883	15338	CVE-2005-4134	URL:http://www.securityfocus.com/bid/15773	View
119884	15338	CVE-2005-4134	BID:16476	View
119885	15338	CVE-2005-4134	URL:http://www.securityfocus.com/bid/16476	View
119886	15338	CVE-2005-4134	OVAL:oval:org.mitre.oval:def:11382	View
119887	15338	CVE-2005-4134	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11382	View
119888	15338	CVE-2005-4134	VUPEN:ADV-2005-2805	View
119889	15338	CVE-2005-4134	URL:http://www.vupen.com/english/advisories/2005/2805	View
119890	15338	CVE-2005-4134	VUPEN:ADV-2006-0413	View
119891	15338	CVE-2005-4134	URL:http://www.vupen.com/english/advisories/2006/0413	View
119892	15338	CVE-2005-4134	VUPEN:ADV-2006-3391	View
119893	15338	CVE-2005-4134	URL:http://www.vupen.com/english/advisories/2006/3391	View
119894	15338	CVE-2005-4134	OSVDB:21533	View
119895	15338	CVE-2005-4134	URL:http://www.osvdb.org/21533	View
119896	15338	CVE-2005-4134	OVAL:oval:org.mitre.oval:def:1619	View
119897	15338	CVE-2005-4134	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:1619	View
119898	15338	CVE-2005-4134	SECTRACK:1015328	View
119899	15338	CVE-2005-4134	URL:http://securitytracker.com/id?1015328	View
119900	15338	CVE-2005-4134	SECUNIA:17934	View
119901	15338	CVE-2005-4134	URL:http://secunia.com/advisories/17934	View
119902	15338	CVE-2005-4134	SECUNIA:17944	View
119903	15338	CVE-2005-4134	URL:http://secunia.com/advisories/17944	View
119904	15338	CVE-2005-4134	SECUNIA:17946	View
119905	15338	CVE-2005-4134	URL:http://secunia.com/advisories/17946	View
119906	15338	CVE-2005-4134	SECUNIA:18700	View
119907	15338	CVE-2005-4134	URL:http://secunia.com/advisories/18700	View
119908	15338	CVE-2005-4134	SECUNIA:18704	View
119909	15338	CVE-2005-4134	URL:http://secunia.com/advisories/18704	View
119910	15338	CVE-2005-4134	SECUNIA:18708	View
119911	15338	CVE-2005-4134	URL:http://secunia.com/advisories/18708	View
119912	15338	CVE-2005-4134	SECUNIA:18709	View
119913	15338	CVE-2005-4134	URL:http://secunia.com/advisories/18709	View
119914	15338	CVE-2005-4134	SECUNIA:18705	View
119915	15338	CVE-2005-4134	URL:http://secunia.com/advisories/18705	View
119916	15338	CVE-2005-4134	SECUNIA:18706	View
119917	15338	CVE-2005-4134	URL:http://secunia.com/advisories/18706	View
119918	15338	CVE-2005-4134	SECUNIA:19230	View
119919	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19230	View
119920	15338	CVE-2005-4134	SECUNIA:19759	View
119921	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19759	View
119922	15338	CVE-2005-4134	SECUNIA:19852	View
119923	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19852	View
119924	15338	CVE-2005-4134	SECUNIA:19862	View
119925	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19862	View
119926	15338	CVE-2005-4134	SECUNIA:19863	View
119927	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19863	View
119928	15338	CVE-2005-4134	SECUNIA:19902	View
119929	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19902	View
119930	15338	CVE-2005-4134	SECUNIA:19941	View
119931	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19941	View
119932	15338	CVE-2005-4134	SECUNIA:19746	View
119933	15338	CVE-2005-4134	URL:http://secunia.com/advisories/19746	View
119934	15338	CVE-2005-4134	SECUNIA:21033	View
119935	15338	CVE-2005-4134	URL:http://secunia.com/advisories/21033	View
119936	15338	CVE-2005-4134	SECUNIA:21622	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.42 MB
View render complete	2.99 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.02
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	407.36
Event: Controller.beforeRender	4.85
» Processing toolbar data	4.76
Rendering View	28.40
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	27.34
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.61
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/15338
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/15338
Remote Port	16092
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.111
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.211.250
Http Via	1.1 squid-proxy-5b5d847c96-knn9n (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.111
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.111
Unique Id	aNoW7FVxxEazBswa8VRWRgAAAXM
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.111
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.111
Redirect Unique Id	aNoW7FVxxEazBswa8VRWRgAAAXM
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.111
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.111
Redirect Redirect Unique Id	aNoW7FVxxEazBswa8VRWRgAAAXM
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759123180.1027
Request Time	1759123180

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files