Arbitrary Code Execution via Script.prototype.freeze/thaw in Mozilla 1.4 and Earlier

Arbitrary Code Execution via Script.prototype.freeze/thaw in Mozilla 1.4 and Earlier

CVE-2003-0791 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

Learn more about our Web Application Penetration Testing UK.