Vulnerability Report

CVE-2004-0722

RCE

Title: Netscape/Mozilla SOAPParameter integer overflow RCE

RCE, Integer Overflow

Proof Of Concept

PoC Available for CVE-2004-0722

CWE Category NVD-CWE-noinfo

Published Date Aug 18, 2004

Modified Date Apr 03, 2025

Exploit Status Available

Score 10.0 CVSS v2.0

Exploit Probability (EPSS)

23.11%

Vulnerability Summary

CVE-2004-0722: Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.

Impacted Vendors

netscape 1

mozilla 1

cloudera 1

Reference Links

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://bugzilla.mozilla.org/show_bug.cgi?id=236618 http://www.idefense.com/application/poi/display?id=117&type=vulnerabilities http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.redhat.com/support/errata/RHSA-2004-421.html http://www.securityfocus.com/bid/15495 https://exchange.xforce.ibmcloud.com/vulnerabilities/16862 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4629 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9378 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt http://bugzilla.mozilla.org/show_bug.cgi?id=236618 http://www.idefense.com/application/poi/display?id=117&type=vulnerabilities http://www.novell.com/linux/security/advisories/2004_36_mozilla.html http://www.redhat.com/support/errata/RHSA-2004-421.html http://www.securityfocus.com/bid/15495 https://exchange.xforce.ibmcloud.com/vulnerabilities/16862 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4629 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9378

CVSS v2.0

Source Entity [email protected]

Severity HIGH

10.0

Access Vector

N/A

Authentication

N/A

RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2004-0722 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/24346

View Code

April 03, 2025 MODIFIED

Vulnerability data or affected products updated.

August 18, 2004 PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector N/A

Complexity N/A

Privileges N/A

Interaction NONE

CVSS Vector String


                                    AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Stack

No specific products linked.