Lucene search
HistoryDec 31, 2004 - 5:00 a.m.
CVE-2004-1200
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
High
EPSS
0.013
Percentile
85.8%
Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
Affected configurations
Node
mozillafirefoxMatch0.8
ORmozillafirefoxMatch0.9
ORmozillafirefoxMatch0.9rc
ORmozillafirefoxMatch0.9.1
ORmozillafirefoxMatch0.9.2
ORmozillafirefoxMatch0.9.3
ORmozillafirefoxMatch0.10
ORmozillafirefoxMatch0.10.1
ORmozillafirefoxMatchpreview_release
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | 0.8 | cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:* |
| mozilla | firefox | 0.9 | cpe:2.3:a:mozilla:firefox:0.9:*:*:*:*:*:*:* |
| mozilla | firefox | 0.9 | cpe:2.3:a:mozilla:firefox:0.9:rc:*:*:*:*:*:* |
| mozilla | firefox | 0.9.1 | cpe:2.3:a:mozilla:firefox:0.9.1:*:*:*:*:*:*:* |
| mozilla | firefox | 0.9.2 | cpe:2.3:a:mozilla:firefox:0.9.2:*:*:*:*:*:*:* |
| mozilla | firefox | 0.9.3 | cpe:2.3:a:mozilla:firefox:0.9.3:*:*:*:*:*:*:* |
| mozilla | firefox | 0.10 | cpe:2.3:a:mozilla:firefox:0.10:*:*:*:*:*:*:* |
| mozilla | firefox | 0.10.1 | cpe:2.3:a:mozilla:firefox:0.10.1:*:*:*:*:*:*:* |
| mozilla | firefox | preview_release | cpe:2.3:a:mozilla:firefox:preview_release:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2004-1200
2004-12-15 05:00:00
cve
cve
CVE-2004-1200
2004-12-31 05:00:00
nessus
nessus
Firefox < 1.0.1 Multiple Vulnerabilities
2005-02-25 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
High
EPSS
0.013
Percentile
85.8%
Related for NVD:CVE-2004-1200