CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
70.0%
The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does
not properly perform proxy upgrade negotiation, which has unspecified
impact and remote attack vectors, related to an “inherent problem” with the
WebSocket specification.
Author | Note |
---|---|
jdstrand | pulled in beta8 (https://wiki.mozilla.org/Platform/2010-12-07) |