Mozilla Firefox 1.5 Beta 1 IDN Buffer Overflow

Release Date:
September 13, 2005

Severity:
Critical

Vendor:
Mozilla

Versions Affected:
Firefox 1.5 Beta 1 (Deer Park Alpha 2) build 1.8b4 with IDN disabled.

Overview:
A buffer overflow vulnerability in Firefox 1.5 Beta 1 with IDN disabled allows an attacker to remotely execute arbitrary code on an affected host. Firefox 1.0.6 and all prior versions are not affected by this particular variant of the 'Host:' issue.

Technical Details:
The workaround provided by Mozilla does not mitigate this issue. The following HTML code reproduces it:

<IFRAME SRC=https:----------------------------------------------- >

Note that this variant differs from the other flaw in its use of IFRAME and SRC=; the other flaw used just HREF=.
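
Because the workaround does not cover this variant, a content filter or log review can flag the pattern instead. The following is an added example, not part of the original advisory or any Mozilla code: it scans HTML for SRC= or HREF= values whose host part consists only of hyphens. The function names, the MIN_RUN threshold and the sample page are assumptions made for the example.

```python
import re
from html.parser import HTMLParser

# Assumptions made for this example, not taken from the advisory:
# a suspicious URL is one whose host part is made up only of hyphens,
# and MIN_RUN is an arbitrary threshold for how many.
MIN_RUN = 8
URL_ATTRS = {"src", "href"}  # the two attributes the advisory names
URL_RE = re.compile(r"^([a-z][a-z0-9+.-]*):/{0,2}([^/?#]*)", re.I)

def is_hyphen_host(url):
    """True if the host part is a run of >= MIN_RUN hyphens and nothing else."""
    m = URL_RE.match(url.strip())
    if not m:
        return False  # relative URL or no scheme: nothing to check
    host = m.group(2)
    return len(host) >= MIN_RUN and set(host) == {"-"}

class HyphenHostFinder(HTMLParser):
    """Collects (line, tag, attribute, value) for every matching SRC/HREF."""
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]  # line on which the tag starts
        for name, value in attrs:  # tag and attribute names arrive lowercased
            if name in URL_ATTRS and value and is_hyphen_host(value):
                self.hits.append((line, tag, name, value.strip()))

def scan(html):
    finder = HyphenHostFinder()
    finder.feed(html)
    finder.close()
    return finder.hits

# Constructed sample page: one benign link, then the IFRAME and HREF forms.
SAMPLE = (
    '<html><body>\n'
    '<a href="https://example.org/a-----------b">benign</a>\n'
    '<IFRAME SRC=https:' + "-" * 40 + ' ></IFRAME>\n'
    '<a href=https:' + "-" * 16 + '>other form</a>\n'
    '</body></html>\n'
)

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print("line %d: <%s %s=%s>" % hit)
```

The benign link is not reported because its hyphens sit in the path, not the host part.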

Vendor Status:
Mozilla is currently working on a patch.

Discovered by:
Tom Ferris

Related Links:
http://security-protocols.com/deerpark-death.html
https://addons.mozilla.org/messages/307259.html

Security-Protocols LLC :: 1999-2008