Mozilla Firefox up to 1.0 utf8tonewunicode heap-based overflow
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 7.0 | $0-$5k | 0.00 |
Summary
A vulnerability was found in Mozilla Firefox up to 1.0. It has been rated as critical. This vulnerability affects the function utf8tonewunicode. This manipulation causes heap-based overflow.
This vulnerability is registered as CVE-2005-0592. No exploit is available.
Upgrading the affected component is advised.
Details
A vulnerability has been found in Mozilla Firefox up to 1.0 (Web Browser) and classified as critical. Affected by this vulnerability is the function utf8tonewunicode. The manipulation with an unknown input leads to a heap-based overflow vulnerability. The CWE definition for the vulnerability is CWE-122. A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:
Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service (crash) or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value.
The bug was discovered 03/01/2005. The weakness was published 03/25/2005 by Georgi Guninski (taviso) with Mozilla as Bug 241440 as not defined bug report (Bugzilla). It is possible to read the advisory at bugzilla.mozilla.org. This vulnerability is known as CVE-2005-0592 since 02/28/2005. The exploitation appears to be easy. The attack can be launched remotely. The exploitation doesn't need any form of authentication. Technical details of the vulnerability are known, but there is no available exploit.
The vulnerability was handled as a non-public zero-day exploit for at least 3 days. During that time the estimated underground price was around $25k-$100k. The vulnerability scanner Nessus provides a plugin with the ID 17276 (GLSA-200503-10 : Mozilla Firefox: Various vulnerabilities), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Gentoo Local Security Checks and running in the context l.
Upgrading to version 1.0.1 eliminates this vulnerability. A possible mitigation has been published even before and not after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (19535), Tenable (17276), SecurityFocus (BID 12659†), OSVDB (14185†) and Secunia (SA14407†). Similar entries are available at VDB-1182, VDB-1183, VDB-1207 and VDB-1258. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.mozilla.org/
- Product: https://www.mozilla.org/en-US/firefox/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.3VulDB Meta Temp Score: 7.0
VulDB Base Score: 7.3
VulDB Temp Score: 7.0
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Heap-based overflowCWE: CWE-122 / CWE-119
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 17276
Nessus Name: GLSA-200503-10 : Mozilla Firefox: Various vulnerabilities
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 54875
OpenVAS Name: Gentoo Security Advisory GLSA 200503-10 (Firefox)
OpenVAS File: 🔍
OpenVAS Family: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: Firefox 1.0.1
Timeline
02/25/2005 🔍02/25/2005 🔍
02/28/2005 🔍
03/01/2005 🔍
03/01/2005 🔍
03/04/2005 🔍
03/06/2005 🔍
03/25/2005 🔍
03/25/2005 🔍
04/27/2005 🔍
03/10/2015 🔍
05/31/2019 🔍
Sources
Vendor: mozilla.orgProduct: mozilla.org
Advisory: Bug 241440
Researcher: Georgi Guninski (taviso)
Organization: Mozilla
Status: Not defined
Confirmation: 🔍
CVE: CVE-2005-0592 (🔍)
GCVE (CVE): GCVE-0-2005-0592
GCVE (VulDB): GCVE-100-24115
OVAL: 🔍
X-Force: 19535
SecurityFocus: 12659 - Mozilla Suite Multiple Remote Vulnerabilities
Secunia: 14407 - Mozilla / Firefox / Thunderbird Multiple Vulnerabilities, Moderately Critical
OSVDB: 14185 - Mozilla UTF8 buffer overflow
Vulnerability Center: 7707 - Buffer Overflow in Mozilla Firefox < 1.0.1 and Mozilla Suite < 1.7.6 via UTF8ToNewUnicode Function, Medium
See also: 🔍
Entry
Created: 03/10/2015 15:27Updated: 05/31/2019 20:18
Changes: 03/10/2015 15:27 (84), 05/31/2019 20:18 (4)
Complete: 🔍
Cache ID: 216::103
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.