CVE-2010-4508
Published Dec 9, 2010
Last updated 7 years ago
Overview
- Description
- The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B7BC1684-3634-4585-B7E6-8C8777E1DA0D"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4062C901-3828-415B-A6C3-EDD0E7B20C0E"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC0D8730-7034-4AD6-9B05-F8BAFB0145EF"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "857AFB05-F0C1-4061-9680-9561D68C908F"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC37EBAF-C979-4ACC-ACA9-BDC2AECCB0D7"
},
{
"criteria": "cpe:2.3:a:mozilla:firefox:4.0:beta6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80801CD8-EEAF-4BC4-9085-DCCC6CF73076"
}
],
"operator": "OR"
}
]
}
]