Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2414Race Condition in Firefox

4 documents4 sources
Severity
2.6LOWNVD
EPSS
5.0%
top 10.27%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Debian Firefox
Timeline
PublishedAug 3
Latest updateMay 1

Description

Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial of service (application crash) via a large HTML file that loads a DOM call from within nested DIV tags, which causes part of the currently rendering page and referenced objects to be deleted.

CVSS vector

AV:N/AC:H/C:N/I:N/A:PExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

debiandebian/firefox< firefox 1.5.dfsg-1 (sid)

🔴Vulnerability Details

1
GHSA
GHSA-m62j-mxmv-r8w5: Race condition in the xpcom library, as used by web browsers such as Firefox, Mozilla, Netscape, and Galeon, allows remote attackers to cause a denial2022-05-01

💥Exploits & PoCs

1
Exploit-DB
XPCOM - Race Condition2015-07-21

📋Vendor Advisories

1
Debian
CVE-2005-2414: firefox - Race condition in the xpcom library, as used by web browsers such as Firefox, Mo...2005