CVE-2007-2869

NameCVE-2007-2869
DescriptionThe form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in a submitted form.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-1306-1, DSA-1308-1, DTSA-45-1, DTSA-51-1

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceapesource(unstable)1.1.2-1
iceweaselsourceetch2.0.0.4-0etch1DSA-1308-1
iceweaselsourcelenny2.0.0.5-0etch1+lenny1DTSA-45-1
iceweaselsource(unstable)2.0.0.4-1
mozillasource(unstable)(unfixed)
xulrunnersourceetch1.8.0.12-0etch1DSA-1306-1
xulrunnersourcelenny1.8.0.13~pre070720-0etch3+lenny1DTSA-51-1
xulrunnersource(unstable)1.8.1.4-1

Notes

MFSA2007-13
Search for package or bug name: Reporting problems