| VID |
28631 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The Mozilla Web browser, according to its version number, is vulnerable to an integer overflow in the SOAPParameter object constructor. An attacker could exploit this flaw to execute arbitrary code on the affected computer with the privileges of the user that started the affected application.
A remote attacker could create a specially crafted URL link containing a malicious script, and then could persuade a target user to click it. Once the URL is clicked, the embedded codes would be executed in the victim's Web browser.
* Platforms Affected:
Mozilla Browser prior to 1.7.1
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version (1.7.1 or later) of Mozilla, available from the Mozilla Download Web site at http://www.mozilla.org/download.html |
| Related URL |
CVE-2004-0722 (CVE) |
| Related URL |
10843 (SecurityFocus) |
| Related URL |
(ISS) |
|
