CVE-2010-4508

Mozilla Firefox <4.0.7 - Info Disclosure

Title source: llm
STIX 2.1

Description

The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12251
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/69758
Third Party Advisory x_refsource_confirm
https://wiki.mozilla.org/Platform/2010-12-07

Scores

EPSS 0.0130
EPSS Percentile 67.2%

Details

Status published
Products (1)
mozilla/firefox 4.0 beta1 (6 CPE variants)
Published Dec 09, 2010
Tracked Since Feb 18, 2026