Bug 20462

Summary: Netscape 4.75 buffer overflow
Product: [Retired] Red Hat Linux Reporter: Daniel Roesen <dr>
Component: netscapeAssignee: Bill Nottingham <notting>
Status: CLOSED ERRATA QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: high    
Version: 7.0CC: jarno.huuskonen, rgorosito, rvokal
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-11-10 17:06:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daniel Roesen 2000-11-07 12:59:22 UTC 
From a recent BugTraq advisory
(Message-ID:  <20001106234541.11EB637B65F.org>)

---- BEGIN CITE ----
Versions of netscape prior to 4.76 allow a client-side exploit through
a buffer overflow in html code. A malicious website operator can cause
arbitrary code to be executed by the user running the netscape client.
---- END CITE ----
Comment 1 Bill Nottingham 2000-11-07 17:42:08 UTC 
I don't see any details of this in the release notes for 4.76. Do
you have a pointer to the original vulnerability report?g
Comment 2 Daniel Roesen 2000-11-07 18:45:38 UTC 
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:66.netscape.asc
Comment 3 Daniel Roesen 2000-11-07 18:47:15 UTC 
if you mean a report before FreeBSD's advisory: I'm not aware of any.
Comment 4 Bill Nottingham 2000-11-07 20:41:48 UTC 
Yeah, that's what I meant; I was surprised that the FreeBSD advisory
came out of the blue with no word from Netscape, or even the original
credited vulnerability discoverer.
Comment 5 Daniel Roesen 2000-11-10 17:06:15 UTC 
any news yet?
Comment 6 Bill Nottingham 2000-11-19 05:56:32 UTC 
4.76 errata packages were released.