Mozilla Foundation Security Advisory 2005-57
IDN heap overrun using soft-hyphens
- September 22, 2005
- Tom Ferris
- Firefox, Mozilla Suite
- Fixed in
- Firefox 1.0.7
- Mozilla Suite 1.7.12
Tom Ferris reported a Firefox crash when processing a domain name consisting solely of soft-hyphen characters. This is due to a heap overrun triggered when Internationalized Domain Name (IDN) processing results in an empty string after removing non-mapping characters such as soft-hyphens. This overrun could be exploited to run or install malware on a user's computer.
Mozilla Thunderbird does not process IDN host names and is thus not affected by this vulnerability.
Disable IDN. Instructions on how to do so manually or through a small patch can be found here. Installing the fixed versions will restore IDN functionality if you've installed the patch; if you disabled IDN manually it will have to be reenabled the same way.