Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2004-0763 — Mozilla Firefox vulnerability

7 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

13.2%

top 5.85%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Mozilla Firefox

Timeline

PublishedAug 18

Latest updateMay 3

Description

Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmozilla/firefox0.9.1, 0.9.2+1

Patches

Patch: bugzilla.mozilla.org ↗Patch: bugzilla.mozilla.org ↗

🔴Vulnerability Details

GHSA

GHSA-8rh9-c9p7-ppjc: Mozilla Firefox 0↗2022-05-03

▶

💥Exploits & PoCs

Exploit-DB

Mozilla Browser 0.8/0.9/1.x - Refresh Security Property Spoofing↗2004-07-26

▶

Exploit-DB

Microsoft Internet Explorer 6 - Meta Data Foreign Domain Spoofing↗2004-04-30

▶

📋Vendor Advisories

Red Hat

security flaw↗2004-07-26

▶

💬Community

Bugzilla

CVE-2004-0763 security flaw↗2018-08-16

▶

Bugzilla

CAN-2004-1009 Multiple mc issues (CAN-2004-1090 CAN-2004-1091 CAN-2004-1093 CAN-2004-1174 CAN-2004-1175 CAN-2005-0763)↗2005-05-24

▶