Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0478

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2004-0478
Last Modified 10 Sep 2008 12:00:00
Published 07 Jul 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-0478

Summary

Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrated using an embedded ctrl-U.

Vulnerable Systems

Application

  • Mozilla


References

XF - mozilla-javascript-dos(16225)

MLIST - [Dailydave] 20040514 Mozilla bug might even get fixed!

CONFIRM - http://bugzilla.mozilla.org/show_bug.cgi?id=243540


Last Updated: 27 May 2016 10:38:37