CVE-2005-3896

NameCVE-2005-3896
DescriptionMozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesCVE-2005-1790
NVD severityhigh
Debian Bugs340282, 340283, 345469

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
firefox (PTS)sid88.0-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firefoxsource(unstable)1.5.dfsg-1unimportant340283, 345469
mozillasource(unstable)(unfixed)unimportant340282
mozilla-firefoxsource(unstable)1.4.99+1.5rc3.dfsg-2unimportant340283, 345469

Notes

maintainers don't believe it is a security bug and can't reproduce after 1.5.dfsg-1

Search for package or bug name: Reporting problems