Mozilla HTML tags denial of service

mozilla-html-tags-dos (17805). The risk level is classified as Medium Risk.

Description:

Mozilla is vulnerable to a denial of service attack. A remote attacker could create a specially-crafted Web page containing TEXTAREA, INPUT, FRAMESET, and IMG tags followed by specific characters, which would cause the victim's Web browser to crash once the Web page is visited. An attacker could exploit this vulnerability by hosting the malicious Web page on a Web site or by sending it to a victim as an HTML email.


Consequences:

Denial of Service

Remedy:

For Red Hat Linux (mozilla):
Refer to RHSA-2005:323-10 for patch, upgrade, or suggested workaround information. See References.

References:

  • Bugzilla Bug #264944: Crashes found with Zalewski's mangleme (Bugtraq: "browsers, a mini-farce").
  • CIAC INFORMATION BULLETIN P-168: Mozilla Security Update.
  • Full-Disclosure Mailing List, Mon Oct 18 2004 - 09:18:53 CDT: Web browsers - a mini-farce.
  • BID-11439: Mozilla Multiple Memory Corruption Vulnerabilities
  • BID-11440: Mozilla Invalid Pointer Dereference Vulnerability
  • CVE-2004-1613: Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
  • CVE-2004-1614: Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an unusual combination of visual elements
  • RHSA-2005-323: mozilla security update
  • SECTRACK ID: 1011810: Mozilla HTML Parsing Errors Let Remote Users Deny Service

Platforms Affected:

  • Mozilla Mozilla 1.0
  • Mozilla Mozilla 1.0 rc1
  • Mozilla Mozilla 1.0.1
  • Mozilla Mozilla 1.0.2
  • Mozilla Mozilla 1.1
  • Mozilla Mozilla 1.1 Alpha
  • Mozilla Mozilla 1.1 Beta
  • Mozilla Mozilla 1.2
  • Mozilla Mozilla 1.2 Beta
  • Mozilla Mozilla 1.2 Alpha
  • Mozilla Mozilla 1.2.1
  • Mozilla Mozilla 1.3
  • Mozilla Mozilla 1.3.1
  • Mozilla Mozilla 1.4 Alpha
  • Mozilla Mozilla 1.4 Beta
  • Mozilla Mozilla 1.4
  • Mozilla Mozilla 1.4.1
  • Mozilla Mozilla 1.4.2
  • Mozilla Mozilla 1.4.4
  • Mozilla Mozilla 1.5
  • Mozilla Mozilla 1.5 Alpha
  • Mozilla Mozilla 1.5 rc1
  • Mozilla Mozilla 1.5 rc2
  • Mozilla Mozilla 1.5.1
  • Mozilla Mozilla 1.6 Alpha
  • Mozilla Mozilla 1.6 Beta
  • Mozilla Mozilla 1.6
  • Mozilla Mozilla 1.7 rc2
  • Mozilla Mozilla 1.7 rc3
  • Mozilla Mozilla 1.7 rc1
  • Mozilla Mozilla 1.7 Beta
  • Mozilla Mozilla 1.7 Alpha
  • Mozilla Mozilla 1.7
  • Mozilla Mozilla 1.7.1
  • Mozilla Mozilla 1.7.10
  • Mozilla Mozilla 1.7.11
  • Mozilla Mozilla 1.7.12
  • Mozilla Mozilla 1.7.2
  • Mozilla Mozilla 1.7.3
  • Mozilla Mozilla 1.7.4
  • Mozilla Mozilla 1.7.5
  • Mozilla Mozilla 1.7.6
  • Mozilla Mozilla 1.7.7
  • Mozilla Mozilla 1.7.8
  • Mozilla Mozilla 1.7.9
  • Mozilla Mozilla 1.8 Alpha3
  • Mozilla Mozilla 1.8 Alpha4
  • Mozilla Mozilla 1.8 Alpha2
  • Mozilla Mozilla 1.8 Alpha1
  • RedHat Enterprise Linux 2.1 WS
  • RedHat Enterprise Linux 2.1 ES
  • RedHat Enterprise Linux 2.1 AS
  • RedHat Enterprise Linux 3 Desktop
  • RedHat Enterprise Linux 3 AS
  • RedHat Enterprise Linux 3 ES
  • RedHat Enterprise Linux 3 WS
  • RedHat Linux Advanced Workstation 2.1 Itanium

Reported:

Oct 18, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
