Vulnerability Details CVE-2010-4508
The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
- http://osvdb.org/69758
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12251
- https://wiki.mozilla.org/Platform/2010-12-07
- http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
- http://osvdb.org/69758
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12251
- https://wiki.mozilla.org/Platform/2010-12-07