CVE-2003-0791

CVSS 9.8 - CRITICAL
Description

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

Affected Products
2
Vendor Product Version
mozilla mozilla All versions
sco openserver 5.0.7
References
http://secunia.com/advisories/11103/
http://www.mandriva.com/security/advisories?name=M...
http://www.osvdb.org/8390
http://www.securityfocus.com/advisories/6979
http://www.securityfocus.com/bid/9322
https://bugzilla.mozilla.org/show_bug.cgi?id=22152...
http://secunia.com/advisories/11103/
http://www.mandriva.com/security/advisories?name=M...
http://www.osvdb.org/8390
http://www.securityfocus.com/advisories/6979
http://www.securityfocus.com/bid/9322
https://bugzilla.mozilla.org/show_bug.cgi?id=22152...
Weakness Types
CWE-502
CVE Information
CVE ID:
CVE-2003-0791
Published:
2003-10-07
Modified:
2026-04-16
CVSS Score:
9.8
Severity:
CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Vendors
sco mozilla
Quick Actions
View on NVD Find Similar CVEs
CVSS Severity Scale
0.0 - 3.9 LOW
4.0 - 6.9 MEDIUM
7.0 - 8.9 HIGH
9.0 - 10.0 CRITICAL