PT-2005-5385 · Mozilla · Firefox

Tom Ferris · Published 2005-12-31 · Updated 2008-09-05 · CVE-2005-4720

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 1.0.7 and earlier

Description: The issue allows remote attackers to cause a denial of service in the form of a client crash. It is triggered by an IFRAME element with a large value in the WIDTH attribute. The large value exposes a problem in the representation of floating-point numbers, which leads to an infinite loop of widget resizes and a correspondingly large number of function calls on the stack.

Recommendations: For Mozilla Firefox versions 1.0.7 and earlier, consider avoiding large values for the WIDTH attribute in IFRAME elements until a fix is available. As a temporary workaround, restricting IFRAME elements with large WIDTH attribute values may help minimize the risk of exploitation.
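
The restriction recommended above can be checked mechanically on stored or filtered markup. The following Python scan is an added example, not part of the advisory or of Mozilla's code; the limit `MAX_IFRAME_WIDTH`, the names `IframeWidthAudit` and `audit_html`, and the sample markup are assumptions constructed for illustration, since the advisory does not state a threshold.

```python
import re
from html.parser import HTMLParser

# Assumed policy limit in pixels; the advisory only says "large value".
MAX_IFRAME_WIDTH = 10_000

# Leading number of the attribute value. Exponent forms are accepted and
# treated conservatively, so "3e7" is evaluated as 30000000.
_NUM = re.compile(r"^\s*\+?(\d+(?:\.\d+)?(?:[eE]\+?\d+)?)")


class IframeWidthAudit(HTMLParser):
    """Collects IFRAME start tags whose WIDTH exceeds the limit."""

    def __init__(self, limit=MAX_IFRAME_WIDTH):
        super().__init__(convert_charrefs=True)
        self.limit = limit
        self.findings = []  # (line, column, raw width value)

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so <IFRAME WIDTH=...>
        # is matched as well. Self-closing tags also arrive here.
        if tag != "iframe":
            return
        for name, value in attrs:
            if name != "width" or value is None:
                continue
            m = _NUM.match(value)
            # float() returns inf on overflow, which still exceeds the limit.
            if m and float(m.group(1)) > self.limit:
                line, col = self.getpos()
                self.findings.append((line, col, value.strip()))


def audit_html(markup, limit=MAX_IFRAME_WIDTH):
    """Return a list of (line, column, width) for offending IFRAME tags."""
    parser = IframeWidthAudit(limit)
    parser.feed(markup)
    parser.close()
    return parser.findings


# Constructed sample input, not taken from any real page.
SAMPLE = """<html><body>
<iframe src="a.html" width="640"></iframe>
<IFRAME SRC="b.html" WIDTH="20000"></IFRAME>
<iframe src="c.html" width="100%"></iframe>
<div width="50000"><iframe width=3e7 src="d.html"></iframe></div>
</body></html>"""

if __name__ == "__main__":
    for line, col, width in audit_html(SAMPLE):
        print(f"line {line}, col {col}: iframe width={width!r} exceeds limit")
```

Only the WIDTH attribute of IFRAME elements is inspected, matching the scope of the advisory; widths set through CSS or script are outside what this scan covers.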

Related identifiers

CVE-2005-4720
DSA-1044-1

Affected products

Firefox