Vulnerability Details CVE-2004-1200
Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029434.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029491.html
- http://www.securityfocus.com/bid/11752
- http://www.securityfocus.com/bid/11760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18282
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029434.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029491.html
- http://www.securityfocus.com/bid/11752
- http://www.securityfocus.com/bid/11760
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18282
Products affected by CVE-2004-1200
-
cpe:2.3:a:mozilla:firefox:0.10
-
cpe:2.3:a:mozilla:firefox:0.10.1
-
cpe:2.3:a:mozilla:firefox:0.8
-
cpe:2.3:a:mozilla:firefox:0.9
-
cpe:2.3:a:mozilla:firefox:0.9.1
-
cpe:2.3:a:mozilla:firefox:0.9.2
-
cpe:2.3:a:mozilla:firefox:0.9.3
-
cpe:2.3:a:mozilla:firefox:preview_release