Vulnerabilities > CVE-2005-4720 - Denial Of Service vulnerability in Mozilla Firefox IFRAME Handling

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
mozilla
exploit available

Summary

Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause a denial of service (client crash) via an IFRAME element with a large value of the WIDTH attribute, which triggers a problem related to representation of floating-point numbers, leading to an infinite loop of widget resizes and a corresponding large number of function calls on the stack.

Vulnerable Configurations

Part Description Count
Application
Mozilla
2

Exploit-Db

descriptionMozilla Firefox 1.0.6/1.0.7 IFRAME Handling Denial Of Service Vulnerability. CVE-2005-4720. Dos exploits for multiple platform
idEDB-ID:26325
last seen2016-02-03
modified2005-10-05
published2005-10-05
reporterTom Ferris
sourcehttps://www.exploit-db.com/download/26325/
titleMozilla Firefox 1.0.6/1.0.7 IFRAME Handling Denial of Service Vulnerability