Denial of Service Vulnerability in Firefox and Mozilla Suite
CVE-2005-2702

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla Suite
Vendor: CVE Published:; 23 September 2005

Summary

A vulnerability exists in Firefox and the Mozilla Suite that allows remote attackers to exploit Unicode sequences, specifically zero-width non-joiner characters, leading to application crashes and potential unauthorized code execution. This security flaw can be triggered by sending specially crafted data, posing a risk of service disruption and security breaches. Users are encouraged to apply patches and updates to safeguard their systems from these types of attacks.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.debian.org/security/2005/dsa-868

vendor-advisoryx_refsource_DEBIAN

http://www.vupen.com/english/advisories/2005/1824

vdb-entryx_refsource_VUPEN

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 23, 2005
Vulnerability Reserved
Aug 26, 2005