CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
92.0%
Mozilla Firefox 1.0.7 and earlier on Linux allows remote attackers to cause
a denial of service (client crash) via an IFRAME element with a large value
of the WIDTH attribute, which triggers a problem related to representation
of floating-point numbers, leading to an infinite loop of widget resizes
and a corresponding large number of function calls on the stack.