Lucene search

[email protected]CVE-2004-1613

HistoryFeb 20, 2005 - 5:00 a.m.

CVE-2004-1613

2005-02-2005:00:00

[email protected]

web.nvd.nist.gov

mozilla

remote code execution

null character

denial of service

cve-2004-1613

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.2%

JSON

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

Affected configurations

NVD

Node

mozillamozillaMatch1.0

mozillamozillaMatch1.0rc1

mozillamozillaMatch1.0rc2

mozillamozillaMatch1.0.1

mozillamozillaMatch1.0.2

mozillamozillaMatch1.1

mozillamozillaMatch1.1alpha

mozillamozillaMatch1.1beta

mozillamozillaMatch1.2

mozillamozillaMatch1.2alpha

mozillamozillaMatch1.2beta

mozillamozillaMatch1.2.1

mozillamozillaMatch1.3

mozillamozillaMatch1.3.1

mozillamozillaMatch1.4

mozillamozillaMatch1.4alpha

mozillamozillaMatch1.4beta

mozillamozillaMatch1.4.1

mozillamozillaMatch1.4.2

mozillamozillaMatch1.4.4

mozillamozillaMatch1.5

mozillamozillaMatch1.6

mozillamozillaMatch1.7

mozillamozillaMatch1.7rc3

mozillamozillaMatch1.7.1

mozillamozillaMatch1.7.2

mozillamozillaMatch1.7.3

mozillamozillaMatch1.8alpha2

sgipropackMatch3.0

Node

redhatenterprise_linuxMatch2.1advanced_server

redhatenterprise_linuxMatch2.1enterprise_server

redhatenterprise_linuxMatch2.1workstation

redhatenterprise_linuxMatch3.0advanced_servers

redhatenterprise_linuxMatch3.0enterprise_server

redhatenterprise_linuxMatch3.0workstation

redhatenterprise_linux_desktopMatch3.0

redhatfedora_coreMatchcore_1.0

redhatfedora_coreMatchcore_2.0

redhatlinuxMatch7.3

redhatlinuxMatch7.3i386

redhatlinuxMatch7.3i686

redhatlinuxMatch9.0i386

redhatlinux_advanced_workstationMatch2.1itanium

CPENameOperatorVersion
mozilla:mozillamozillaeq1.0
mozilla:mozillamozillaeq1.0.1
mozilla:mozillamozillaeq1.0.2
mozilla:mozillamozillaeq1.1
mozilla:mozillamozillaeq1.2
mozilla:mozillamozillaeq1.2.1
mozilla:mozillamozillaeq1.3
mozilla:mozillamozillaeq1.3.1
mozilla:mozillamozillaeq1.4
mozilla:mozillamozillaeq1.4.1

CPE	Name	Operator	Version
mozilla:mozilla	mozilla	eq	1.0
mozilla:mozilla	mozilla	eq	1.0.1
mozilla:mozilla	mozilla	eq	1.0.2
mozilla:mozilla	mozilla	eq	1.1
mozilla:mozilla	mozilla	eq	1.2
mozilla:mozilla	mozilla	eq	1.2.1
mozilla:mozilla	mozilla	eq	1.3
mozilla:mozilla	mozilla	eq	1.3.1
mozilla:mozilla	mozilla	eq	1.4
mozilla:mozilla	mozilla	eq	1.4.1

Rows per page:

1-10 of 201

References

lcamtuf.coredump.cx/mangleme/gallery/

lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html

marc.info/?l=bugtraq&m=109811406620511&w=2

securitytracker.com/id?1011810

www.redhat.com/support/errata/RHSA-2005-323.html

www.securityfocus.com/bid/11439

exchange.xforce.ibmcloud.com/vulnerabilities/17805

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.7 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.2%

JSON

Related for CVE-2004-1613

cvelist1 nvd1 nessus1 redhat1