Bug 141332 - mozilla javascript DoS
Summary: mozilla javascript DoS
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: mozilla   
(Show other bugs)
Version: 3
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Christopher Aillon
QA Contact: Ben Levenson
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-11-30 15:19 UTC by Josh Bressers
Modified: 2008-08-02 23:40 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-30 20:54:06 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Josh Bressers 2004-11-30 15:19:47 UTC
This message was reported to full-disclosure

http://lists.netsys.com/pipermail/full-disclosure/2004-November/029434.html

It is possible to crash mozilla with a few lines of HTML.

This issue is being watched upstream by these bugs

https://bugzilla.mozilla.org/show_bug.cgi?id=271716
https://bugzilla.mozilla.org/show_bug.cgi?id=271718



This issue will naturally affect ephiphany, which uses the mozilla
rendering engine.

Comment 1 Josh Bressers 2004-11-30 15:20:59 UTC
This issue also affects FC2

Comment 2 Mark J. Cox 2004-12-07 10:39:38 UTC
The Mozilla Software Foundation do not in general treat simple
unexploitable crashes of a browser as a security issues.  Removing
security severity.

(open another bug for ephiphany if affected)

Comment 3 Matthew Miller 2006-07-10 22:28:05 UTC
Fedora Core 3 is now maintained by the Fedora Legacy project for security
updates only. If this problem is a security issue, please reopen and
reassign to the Fedora Legacy product. If it is not a security issue and
hasn't been resolved in the current FC5 updates or in the FC6 test
release, reopen and change the version to match.

Thank you!


Comment 4 Christopher Aillon 2006-10-30 20:54:06 UTC
Looks like fixed in 1.7.13


Note You need to log in before you can comment on or make changes to this bug.