CVE-2005-3896

NameCVE-2005-3896
DescriptionMozilla allows remote attackers to cause a denial of service (CPU consumption) via a Javascript BODY onload event that calls the window function.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesCVE-2005-1790
Debian Bugs340282, 340283, 345469

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
firefox (PTS)sid144.0.2-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firefoxsource(unstable)1.5.dfsg-1unimportant340283, 345469
mozillasource(unstable)(unfixed)unimportant340282
mozilla-firefoxsource(unstable)1.4.99+1.5rc3.dfsg-2unimportant340283, 345469

Notes

maintainers don't believe it is a security bug and can't reproduce after 1.5.dfsg-1
Search for package or bug name: Reporting problems