Vulnerabilities > Deserialization of Untrusted Data

DATE CVE VULNERABILITY TITLE RISK
2003-10-07 CVE-2003-0791 Deserialization of Untrusted Data vulnerability in multiple products
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
network
low complexity
mozilla sco CWE-502
critical
9.8