CVE-2004-0191

CVE Database · CVE-2004-0191

CVE-2004-0191

· N/AModified

CVSS v3.1

N/A

EPSS

1.61%

Published

Mar 15, 2004

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Mozilla before 1.4.2 executes Javascript events in the context of a new page while it is being loaded, allowing it to interact with the previous page (zombie document) and enable cross-domain and cross-site scripting (XSS) attacks, as demonstrated using onmousemove events.

Affected Products (32)

mozilla · mozillavulnerable

· mozilla

References (20)

http://bugzilla.mozilla.org/show_bug.cgi?id=227417

ExploitVendor Advisory

http://marc.info/?l=bugtraq&m=107774710729469&w=2

http://marc.info/?l=bugtraq&m=108448379429944&w=2

http://www.osvdb.org/4062

http://www.redhat.com/support/errata/RHSA-2004-110.html

http://www.redhat.com/support/errata/RHSA-2004-112.html

http://www.securityfocus.com/bid/9747

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15322

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A874

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A937

KEV Catalog EPSS Scores Vendors All CVEs