CVE-2005-4134

Name of the Vulnerable Software and Affected Versions Mozilla Firefox version 1.5 Netscape versions 7.2 and 8.0.4 K-Meleon versions prior to 0.9.12

Description The issue allows remote attackers to cause a denial of service, resulting in CPU consumption and delayed application startup, via a web site with a large title. This title is recorded in history.dat but not processed efficiently during startup. It has been reported that Netscape 8.1 does not have this issue.

Recommendations For Mozilla Firefox version 1.5, consider restricting the size of titles that can be recorded in history.dat to prevent excessive CPU consumption. For Netscape versions 7.2 and 8.0.4, avoid using the affected versions until a fix is available. For K-Meleon versions prior to 0.9.12, update to version 0.9.12 or later to resolve the issue.