Vulnerabilities > CVE-2004-1200 - Denial Of Service vulnerability in Mozilla Firefox Infinite Array Sort

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

mozilla

nessus

NVD

Published: 2004-12-31

Updated: 2017-07-11

Summary

Firefox and Mozilla allow remote attackers to cause a denial of service (application crash from memory consumption), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Firefox 0.8 Mozilla Firefox 0.9 Mozilla Firefox 0.9.1 Mozilla Firefox 0.9.2 Mozilla Firefox 0.9.3 Mozilla Firefox 0.10 Mozilla Firefox 0.10.1 Mozilla Firefox Preview_Release	9

Nessus

NASL family	Windows
NASL id	MOZILLA_FIREFOX_101.NASL
description	The installed version of Firefox is earlier than 1.0.1. Such versions have multiple security issues, including vulnerabilities that could allow an attacker to impersonate a website by using an International Domain Name, or vulnerabilities that could allow arbitrary code execution.
last seen	2020-06-01
modified	2020-06-02
plugin id	17218
published	2005-02-25
reporter	This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/17218
title	Firefox < 1.0.1 Multiple Vulnerabilities

Summary

Vulnerable Configurations

Nessus

References