CVE-2004-1613
CVSS5.0
发布时间 :2004-10-18 00:00:00
修订时间 :2016-10-17 22:57:39
NMCOS    

[原文]Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.


[CNNVD]Mozilla多个内存破坏漏洞(CNNVD-200410-023)

        Mozilla存在漏洞。远程攻击者可以借助网页导致服务拒绝(空解引用或无限循环引起的应用程序崩溃)。这种网页后跟包含(1) TEXTAREA,(2) INPUT, (3) FRAMESET或者(4)IMG tag的空字符和一些跟踪字符。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

cpe:/o:redhat:enterprise_linux:2.1::advanced_server
cpe:/o:redhat:enterprise_linux:2.1::enterprise_server
cpe:/o:redhat:enterprise_linux:3.0::enterprise_server
cpe:/a:mozilla:mozilla:1.4.4Mozilla Mozilla Browser 1.4.4
cpe:/a:mozilla:mozilla:1.7.1Mozilla Mozilla 1.7.1
cpe:/a:mozilla:mozilla:1.7.2Mozilla Mozilla 1.7.2
cpe:/a:mozilla:mozilla:1.7.3Mozilla Mozilla 1.7.3
cpe:/o:redhat:fedora_core:core_2.0
cpe:/a:mozilla:mozilla:1.2:alphaMozilla Mozilla Browser 1.2 Alpha
cpe:/o:redhat:linux:7.3Red Hat Linux 7.3
cpe:/o:redhat:enterprise_linux:3.0::advanced_servers
cpe:/a:mozilla:mozilla:1.4:alphaMozilla Mozilla 1.4a
cpe:/a:mozilla:mozilla:1.1:alphaMozilla Mozilla Browser 1.1 Alpha
cpe:/o:redhat:linux_advanced_workstation:2.1::itanium
cpe:/o:redhat:linux:9.0::i386
cpe:/a:mozilla:mozilla:1.4:betaMozilla Mozilla Browser 1.4b
cpe:/a:mozilla:mozilla:1.1:betaMozilla Mozilla Browser 1.1 Beta
cpe:/o:redhat:linux:7.3::i386
cpe:/a:sgi:propack:3.0SGI ProPack 3.0
cpe:/o:redhat:enterprise_linux:2.1::workstation
cpe:/o:redhat:enterprise_linux:3.0::workstation
cpe:/a:mozilla:mozilla:1.2:betaMozilla Mozilla Browser 1.2 Beta
cpe:/o:redhat:enterprise_linux_desktop:3.0Red Hat Desktop 3.0
cpe:/a:mozilla:mozilla:1.7:rc3Mozilla Mozilla 1.7 rc3
cpe:/a:mozilla:mozilla:1.0:rc1
cpe:/o:redhat:linux:7.3::i686
cpe:/a:mozilla:mozilla:1.0:rc2
cpe:/a:mozilla:mozilla:1.8:alpha2Mozilla Mozilla Browser 1.8 Alpha2
cpe:/a:mozilla:mozilla:1.7Mozilla Mozilla 1.7
cpe:/a:mozilla:mozilla:1.6Mozilla Mozilla 1.6
cpe:/a:mozilla:mozilla:1.5Mozilla Mozilla 1.5
cpe:/a:mozilla:mozilla:1.4Mozilla Mozilla 1.4
cpe:/a:mozilla:mozilla:1.3Mozilla Mozilla 1.3
cpe:/o:redhat:fedora_core:core_1.0
cpe:/a:mozilla:mozilla:1.2Mozilla Mozilla 1.2
cpe:/a:mozilla:mozilla:1.1Mozilla Mozilla 1.1
cpe:/a:mozilla:mozilla:1.0Mozilla Mozilla 1.0
cpe:/a:mozilla:mozilla:1.2.1Mozilla Mozilla Browser 1.2.1
cpe:/a:mozilla:mozilla:1.3.1Mozilla Mozilla Browser 1.3.1
cpe:/a:mozilla:mozilla:1.4.1Mozilla Mozilla 1.4.1
cpe:/a:mozilla:mozilla:1.4.2Mozilla Mozilla Browser 1.4.2
cpe:/a:mozilla:mozilla:1.0.1Mozilla Mozilla Browser 1.0.1
cpe:/a:mozilla:mozilla:1.0.2Mozilla Mozilla Browser 1.0.2

- OVAL (用于检测的技术细节)

oval:org.mitre.oval:def:10227Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that ...
*OVAL详细的描述了检测该漏洞的方法,你可以从相关的OVAL定义中找到更多检测该漏洞的技术细节。

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1613
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1613
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200410-023
(官方数据源) CNNVD

- 其它链接及资源

http://lcamtuf.coredump.cx/mangleme/gallery/
(UNKNOWN)  MISC  http://lcamtuf.coredump.cx/mangleme/gallery/
http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html
(VENDOR_ADVISORY)  FULLDISC  20041018 Web browsers - a mini-farce
http://marc.info/?l=bugtraq&m=109811406620511&w=2
(UNKNOWN)  BUGTRAQ  20041018 Web browsers - a mini-farce
http://securitytracker.com/id?1011810
(VENDOR_ADVISORY)  SECTRACK  1011810
http://www.redhat.com/support/errata/RHSA-2005-323.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:323
http://www.securityfocus.com/bid/11439
(VENDOR_ADVISORY)  BID  11439
http://xforce.iss.net/xforce/xfdb/17805
(VENDOR_ADVISORY)  XF  mozilla-html-tags-dos(17805)

- 漏洞信息

Mozilla多个内存破坏漏洞
中危 边界条件错误
2004-10-18 00:00:00 2005-10-20 00:00:00
远程  
        Mozilla存在漏洞。远程攻击者可以借助网页导致服务拒绝(空解引用或无限循环引起的应用程序崩溃)。这种网页后跟包含(1) TEXTAREA,(2) INPUT, (3) FRAMESET或者(4)IMG tag的空字符和一些跟踪字符。

- 公告与补丁

        These issues have been reportedly addressed in Mozilla snapshots. This has not been confirmed by Symantec.
        SGI has released an advisory 20050304-01-U including updated SGI ProPack 3 Service Pack 4 packages to address this issue. Please see the referenced advisory for more information.
        RedHat has released advisory RHSA-2005:323 to address this issue. Please see the referenced advisory to obtain fix information.
        RedHat Fedora Legacy has released advisory FLSA:152883 addressing this and other issues for RedHat Linux 7.3, 9 and for Fedora Core 1 and Core 2. Please see the referenced advisory for details on obtaining and applying the appropriate updates.
        Mozilla Browser 1.2.1
        
        Mozilla Browser 1.4.1
        
        Mozilla Browser 1.6
        

  •         Red Hat Fedora epiphany-1.2.10-0.2.3.legacy.i386.rpmRed Hat Fedora i386
            

- 漏洞信息

15382
Mozilla Multiple Malformed HTML Tag Null Dereference DoS
Denial of Service
Loss of Availability
Vendor Verified

- 漏洞描述

Unknown or Incomplete

- 时间线

2004-10-18 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Mozilla Multiple Memory Corruption Vulnerabilities
Boundary Condition Error 11439
Yes No
2004-10-18 12:00:00 2009-07-12 08:06:00
Discovery is credited to Michal Zalewski.

- 受影响的程序版本

SGI ProPack 3.0
RedHat Linux 9.0 i386
RedHat Linux 7.3 i686
RedHat Linux 7.3 i386
RedHat Linux 7.3
Red Hat Fedora Core2
Red Hat Fedora Core1
Mozilla Browser 1.8 Alpha 2
Mozilla Browser 1.7.6
+ HP HP-UX B.11.23
+ HP HP-UX B.11.23
+ HP HP-UX B.11.22
+ HP HP-UX B.11.22
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.00
+ HP HP-UX B.11.00
+ Red Hat Enterprise Linux AS 4
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
+ RedHat Enterprise Linux WS 4
+ Turbolinux Home
+ Turbolinux Home
+ Turbolinux Turbolinux 10 F...
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Desktop 10.0
+ Turbolinux Turbolinux Server 10.0
+ Turbolinux Turbolinux Server 10.0
Mozilla Browser 1.7.3
+ HP HP-UX B.11.23
+ HP HP-UX B.11.22
+ HP HP-UX B.11.22
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.11
+ HP HP-UX B.11.00
+ HP HP-UX B.11.00
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4 (BL25)
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B-2 PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 B PK4
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6 (BL24)
+ HP Tru64 5.1 A PK6
+ HP Tru64 5.1 A PK6
Mozilla Browser 1.7.2
Mozilla Browser 1.7.1
Mozilla Browser 1.7 rc3
Mozilla Browser 1.7
Mozilla Browser 1.6
Mozilla Browser 1.5
Mozilla Browser 1.4.4
+ Red Hat Enterprise Linux AS 3
+ Red Hat Enterprise Linux AS 3
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Desktop 3.0
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 3
+ RedHat Enterprise Linux WS 3
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Enterprise Linux WS 2.1
+ RedHat Linux Advanced Work Station 2.1
Mozilla Browser 1.4.2
Mozilla Browser 1.4.1
Mozilla Browser 1.4 b
Mozilla Browser 1.4 a
Mozilla Browser 1.4
+ Mandriva Linux Mandrake 9.2 amd64
+ Mandriva Linux Mandrake 9.2
Mozilla Browser 1.3.1
Mozilla Browser 1.3
Mozilla Browser 1.2.1
Mozilla Browser 1.2 Beta
Mozilla Browser 1.2 Alpha
Mozilla Browser 1.2
Mozilla Browser 1.1 Beta
Mozilla Browser 1.1 Alpha
Mozilla Browser 1.1
Mozilla Browser 1.0.2
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1 IA64
+ Red Hat Enterprise Linux AS 2.1
+ Red Hat Enterprise Linux AS 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Advanced Workstation for the Itanium Processor 2.1
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1 IA64
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux ES 2.1
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1 IA64
+ RedHat Enterprise Linux WS 2.1
+ RedHat Enterprise Linux WS 2.1
+ Sun Linux 5.0.7
Mozilla Browser 1.0.1
Mozilla Browser 1.0 RC2
+ Conectiva Linux 8.0
+ Conectiva Linux 7.0
+ Conectiva Linux 6.0
Mozilla Browser 1.0 RC1
- FreeBSD FreeBSD 4.5
- FreeBSD FreeBSD 4.4
- FreeBSD FreeBSD 4.3
- FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 4.1.1
Mozilla Browser 1.0
+ Mandriva Linux Mandrake 8.2 ppc
+ Mandriva Linux Mandrake 8.2
+ RedHat Linux 8.0 i386
+ RedHat Linux 8.0

- 漏洞讨论

Multiple memory corruption vulnerabilities have been reported in Mozilla. These issues are related to malformed HTML involving the TEXTAREA, INPUT, FRAMESET, and IMG tags. These issues could cause the browser to crash when rendering the malformed HTML, though there is an additional possibility of leveraging the issues to execute arbitrary code.

Although these issues were reported in the Mozilla browser, other applications based on the same code may also be affected such as Firefox/Thunderbird/Netscape.

- 漏洞利用

This issue was discovered with the mangleme Web fuzzer:

http://lcamtuf.coredump.cx/soft/mangleme.tgz

A proof-of-concept is available at the following Web page:

http://lcamtuf.coredump.cx/mangleme/gallery/mozilla_die1.html

---
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com <mailto:vuldb@securityfocus.com>.

- 解决方案

These issues have been reportedly addressed in Mozilla snapshots. This has not been confirmed by Symantec.

SGI has released an advisory 20050304-01-U including updated SGI ProPack 3 Service Pack 4 packages to address this issue. Please see the referenced advisory for more information.

RedHat has released advisory RHSA-2005:323 to address this issue. Please see the referenced advisory to obtain fix information.

RedHat Fedora Legacy has released advisory FLSA:152883 addressing this and other issues for RedHat Linux 7.3, 9 and for Fedora Core 1 and Core 2. Please see the referenced advisory for details on obtaining and applying the appropriate updates.


Mozilla Browser 1.2.1

Mozilla Browser 1.4.1

Mozilla Browser 1.6

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站