CVE-2004-0478

high

Description

Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrated using an embedded ctrl-U.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/16225

http://lists.immunitysec.com/pipermail/dailydave/2004-May/000587.html

http://bugzilla.mozilla.org/show_bug.cgi?id=243540

Details

Source: Mitre, NVD

Published: 2004-07-07

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:P

Severity: Low

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High

EPSS

EPSS: 0.00739