Launchpad CVE tracker

CVE 2005-0587

Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote malicious web sites to overwrite arbitrary files by tricking the user into downloading a .LNK (link) file twice, which overwrites the file that was referenced in the first .LNK file.

Related bugs and status

CVE-2005-0587 (Candidate) is related to these bugs:

Bug #12680: [warty] IDN support allows domain name spoofing

Summary				In	Importance	Status
	12680	[warty] IDN support allows domain name spoofing		mozilla (Ubuntu)	High	Fix Released
	12680	[warty] IDN support allows domain name spoofing		mozilla (Debian)	Unknown	Fix Released

Bug #13406: [Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function

Summary				In	Importance	Status
	13406	[Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function		mozilla (Ubuntu)	High	Fix Released
	13406	[Warty] CAN-2005-0592 Heap-based buffer overflow in the UTF8ToNewUnicode function		mozilla (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2005-0587

References