5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.571 Medium
EPSS
Percentile
97.7%
Firefox 1.0.3 and 1.0.4, and Netscape 8.0.2, allows remote attackers to
execute arbitrary code by tricking the user into using the “Set As
Wallpaper” (in Firefox) or “Set as Background” (in Netscape) context menu
on an image URL that is really a javascript: URL with an eval statement,
aka “Firewalling.”