CVE-2008-4723

Description

Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 3.0.1 through 3.0.3 allow remote attackers to inject arbitrary web script or HTML via an ftp:// URL for an HTML document within a (1) JPG, (2) PDF, or (3) TXT file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Risk Information

Base Score

6.1

MODERATE

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

Exploitation Probability

0.209

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities affected in Mozilla Firefox (x64) 3.0.3	Windows
Multiple vulnerabilities affected in Mozilla_Firefox 3.0.3	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.1	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.2	Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 3.0.3	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.1	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.2	Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 3.0.3	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-343016	Mozilla Firefox (x64) (132.0.2)
PATCH-343015	Mozilla Firefox (132.0.2)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234