CVE-2005-2702

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox; Mozilla Suite
Vendor: CVE Published:; 23 September 2005

Summary

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via Unicode sequences with "zero-width non-joiner" characters.

References

http://www.mandriva.com/security/advisories?name=MDKSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.debian.org/security/2005/dsa-868

vendor-advisoryx_refsource_DEBIAN

http://www.vupen.com/english/advisories/2005/1824

vdb-entryx_refsource_VUPEN

EPSS Score

89% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 23, 2005
Vulnerability Reserved
Aug 26, 2005