Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0722 — Mozilla vulnerability

6 documents6 sources

Severity

10.0CRITICALNVD

EPSS

23.1%

top 4.06%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Mozilla Netscape Navigator

Timeline

PublishedAug 18

Latest updateMay 3

Description

Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDmozilla/mozilla1.6

▶NVDnetscape/navigator7.0, 7.1+1

🔴Vulnerability Details

GHSA

GHSA-5gh9-26h7-pwh7: Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7↗2022-05-03

▶

CVEList

CVE-2004-0722: Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7↗2004-08-03

▶

💥Exploits & PoCs

Exploit-DB

Mozilla 1.x / Netscape 7.0/7.1 - SOAP Integer Overflow↗2004-08-02

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-07-22

▶

💬Community

Bugzilla

CVE-2004-0722 security flaw↗2018-08-16

▶