7.5

CVE-2005-0592

Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value.

Data is provided by the National Vulnerability Database (NVD)
MozillaFirefox Version0.8
MozillaFirefox Version0.9
MozillaFirefox Version0.9 Updaterc
MozillaFirefox Version0.9.1
MozillaFirefox Version0.9.2
MozillaFirefox Version0.9.3
MozillaFirefox Version0.10
MozillaFirefox Version0.10.1
MozillaFirefox Version1.0
MozillaMozilla Version1.3
MozillaMozilla Version1.4
MozillaMozilla Version1.4 Updatealpha
MozillaMozilla Version1.4.1
MozillaMozilla Version1.5
MozillaMozilla Version1.5 Updatealpha
MozillaMozilla Version1.5 Updaterc1
MozillaMozilla Version1.5 Updaterc2
MozillaMozilla Version1.5.1
MozillaMozilla Version1.6
MozillaMozilla Version1.6 Updatealpha
MozillaMozilla Version1.6 Updatebeta
MozillaMozilla Version1.7
MozillaMozilla Version1.7 Updatealpha
MozillaMozilla Version1.7 Updatebeta
MozillaMozilla Version1.7 Updaterc1
MozillaMozilla Version1.7 Updaterc2
MozillaMozilla Version1.7 Updaterc3
MozillaMozilla Version1.7.1
MozillaMozilla Version1.7.2
MozillaMozilla Version1.7.3
MozillaMozilla Version1.7.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 3.41% 0.863
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P