CVE-2005-2114 - Vulnerability Details - OpenCVE

Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.04323.

Key SSVC decision points have not yet been added.

Vendors	Products
Mozilla	Camino Firefox Mozilla
Redhat	Enterprise Linux

Configuration 1 [-]

OR	cpe:2.3:a:mozilla:camino:0.8.4:::::::*
	cpe:2.3:a:mozilla:firefox:1.0.4:::::::*
	cpe:2.3:a:mozilla:mozilla:1.7.8:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 4
firefox-0:1.0.6-1.4.1	cpe:/o:redhat:enterprise_linux:4	RHSA-2005:586	2005-07-21T00:00:00Z
devhelp-0:0.9.2-2.4.6	cpe:/o:redhat:enterprise_linux:4	RHSA-2005:587	2005-07-22T00:00:00Z

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=112008299210033&w=2
http://securitytracker.com/id?1014292
http://securitytracker.com/id?1014293
http://securitytracker.com/id?1014294
http://securitytracker.com/id?1014349
http://securitytracker.com/id?1014372
http://www.kurczaba.com/html/security/0506241.htm
http://www.redhat.com/support/errata/RHSA-2005-586.html
http://www.redhat.com/support/errata/RHSA-2005-587.html
http://www.securiteam.com/securitynews/5OP0U00G1G.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/21188
https://nvd.nist.gov/vuln/detail/CVE-2005-2114
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9628
https://www.cve.org/CVERecord?id=CVE-2005-2114

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-07-01T04:00:00

Updated: 2024-08-07T22:15:37.382Z

Reserved: 2005-07-01T00:00:00

Link: CVE-2005-2114

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2005-07-05T04:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2005-2114

Redhat

Severity : Moderate

Publid Date: 2005-06-29T00:00:00Z

Links: CVE-2005-2114 - Bugzilla

OpenCVE Enrichment

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-06-29T00:00:00", "descriptions": [{"lang": "en", "value": "Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1014292", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014292"}, {"tags": ["x_refsource_MISC"], "url": "http://www.securiteam.com/securitynews/5OP0U00G1G.html"}, {"name": "RHSA-2005:587", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-587.html"}, {"name": "1014293", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014293"}, {"name": "1014294", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014294"}, {"name": "1014372", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014372"}, {"tags": ["x_refsource_MISC"], "url": "http://www.kurczaba.com/html/security/0506241.htm"}, {"name": "20050629 Mozilla Multiple Product JavaScript Issue", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=112008299210033&w=2"}, {"name": "1014349", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014349"}, {"name": "RHSA-2005:586", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2005-586.html"}, {"name": "mozilla-mult-browsers-javascript-dos(21188)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21188"}, {"name": "oval:org.mitre.oval:def:9628", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9628"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2114", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1014292", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014292"}, {"name": "http://www.securiteam.com/securitynews/5OP0U00G1G.html", "refsource": "MISC", "url": "http://www.securiteam.com/securitynews/5OP0U00G1G.html"}, {"name": "RHSA-2005:587", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-587.html"}, {"name": "1014293", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014293"}, {"name": "1014294", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014294"}, {"name": "1014372", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014372"}, {"name": "http://www.kurczaba.com/html/security/0506241.htm", "refsource": "MISC", "url": "http://www.kurczaba.com/html/security/0506241.htm"}, {"name": "20050629 Mozilla Multiple Product JavaScript Issue", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=112008299210033&w=2"}, {"name": "1014349", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014349"}, {"name": "RHSA-2005:586", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2005-586.html"}, {"name": "mozilla-mult-browsers-javascript-dos(21188)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21188"}, {"name": "oval:org.mitre.oval:def:9628", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9628"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T22:15:37.382Z"}, "title": "CVE Program Container", "references": [{"name": "1014292", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014292"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securiteam.com/securitynews/5OP0U00G1G.html"}, {"name": "RHSA-2005:587", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2005-587.html"}, {"name": "1014293", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014293"}, {"name": "1014294", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014294"}, {"name": "1014372", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014372"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.kurczaba.com/html/security/0506241.htm"}, {"name": "20050629 Mozilla Multiple Product JavaScript Issue", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=112008299210033&w=2"}, {"name": "1014349", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1014349"}, {"name": "RHSA-2005:586", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2005-586.html"}, {"name": "mozilla-mult-browsers-javascript-dos(21188)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21188"}, {"name": "oval:org.mitre.oval:def:9628", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9628"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-2114", "datePublished": "2005-07-01T04:00:00", "dateReserved": "2005-07-01T00:00:00", "dateUpdated": "2024-08-07T22:15:37.382Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:camino:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "31C05BFA-D947-47B7-8EA2-5C0F171F0A6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:firefox:1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "3FFF89FA-2020-43CC-BACD-D66117B3DD26", "vulnerable": true}, {"criteria": "cpe:2.3:a:mozilla:mozilla:1.7.8:*:*:*:*:*:*:*", "matchCriteriaId": "E748A943-8A1E-4657-826C-EBE013E04864", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Mozilla 1.7.8, Firefox 1.0.4, Camino 0.8.4, Netscape 8.0.2, and K-Meleon 0.9, and possibly other products that use the Gecko engine, allow remote attackers to cause a denial of service (application crash) via JavaScript that repeatedly calls an empty function."}], "id": "CVE-2005-2114", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-07-05T04:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=112008299210033&w=2"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014292"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014293"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014294"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014349"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1014372"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.kurczaba.com/html/security/0506241.htm"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-586.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2005-587.html"}, {"source": "cve@mitre.org", "url": "http://www.securiteam.com/securitynews/5OP0U00G1G.html"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21188"}, {"source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9628"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=112008299210033&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014292"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014293"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014294"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1014372"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "http://www.kurczaba.com/html/security/0506241.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-586.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2005-587.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securiteam.com/securitynews/5OP0U00G1G.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21188"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9628"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}