NVD

Id
71696  
Name
CVE-2004-1316  
Description
Heap-based buffer overflow in MSG_UnEscapeSearchUrl in nsNNTPProtocol.cpp for Mozilla 1.7.3 and earlier allows remote attackers to cause a denial of service (application crash) via an NNTP URL (news:) with a trailing '' (backslash) character, which prevents a string from being NULL terminated.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-07-18  
Published
2004-12-29  
Modified Date
2017-07-10  
Seq
2004-1316  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
370707 71696 CVE-2004-1316 http://isec.pl/vulnerabilities/isec-0020-mozilla.txt  View
370708 71696 CVE-2004-1316 20041229 Heap overflow in Mozilla Browser <= 1.7.3 NNTP code.  View
370709 71696 CVE-2004-1316 HPSBTU01114  View
370710 71696 CVE-2004-1316 oval:org.mitre.oval:def:100052  View
370711 71696 CVE-2004-1316 oval:org.mitre.oval:def:9808  View
370712 71696 CVE-2004-1316 http://www.mozilla.org/security/announce/mfsa2005-06.html  View
370713 71696 CVE-2004-1316 SUSE-SA:2006:004  View
370714 71696 CVE-2004-1316 RHSA-2005:038  View
370715 71696 CVE-2004-1316 12131  View
370716 71696 CVE-2004-1316 mozilla-nntp-bo(18711)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
63104 JVNDB-2004-000446 Mozilla の MSG_UnEscapeSearchUrl() 関数におけるバッファオーバーフローの脆弱性 Mozilla には、NNTP の実装に使用されている nsNNTPProtocol.cpp の MSG_UnEscapeSearchUrl() 関数において、NULL 終端文字の処理に不備が存在するため、バッファオーバーフローが発生する脆弱性が存在します。 CVE-2004-1316 9743 CVE-2004-1316 71696 5 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000446.html 2004-10-14 2007-04-01 View