CVE-2004-1613

Name: CVE-2004-1613
Creator: NVD / NIST
Published: 2004-10-18T04:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 1.65%

Last modified Jun 16, 2026

CVE-2004-1613 is a vulnerability of currently unknown severity. Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.. EPSS estimates a 1.65% chance of exploitation in the next 30 days.

Description

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

Metrics

EPSS Probability

1.65%

73.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions	Update
Mozilla	Mozilla	1.0	—
Mozilla	Mozilla	1.0.1	—
Mozilla	Mozilla	1.0.2	—
Mozilla	Mozilla	1.1	—
Mozilla	Mozilla	1.2	—
Mozilla	Mozilla	1.2.1	—
Mozilla	Mozilla	1.3	—
Mozilla	Mozilla	1.3.1	—
Mozilla	Mozilla	1.4	—
Mozilla	Mozilla	1.4.1	—
Mozilla	Mozilla	1.4.2	—
Mozilla	Mozilla	1.4.4	—
Mozilla	Mozilla	1.5	—
Mozilla	Mozilla	1.6	—
Mozilla	Mozilla	1.7	—
Mozilla	Mozilla	1.7.1	—
Mozilla	Mozilla	1.7.2	—
Mozilla	Mozilla	1.7.3	—
Mozilla	Mozilla	1.8	Alpha2
Sgi	Propack	3.0	—
Redhat	Enterprise Linux	2.1	—
Redhat	Enterprise Linux	3.0	—
Redhat	Enterprise Linux Desktop	3.0	—
Redhat	Fedora Core	core_1.0	—
Redhat	Fedora Core	core_2.0	—
Redhat	Linux	7.3	—
Redhat	Linux	9.0	—
Redhat	Linux Advanced Workstation	2.1	—

References

http://lcamtuf.coredump.cx/mangleme/gallery/Exploit
http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.htmlExploit, Vendor Advisory
http://marc.info/?l=bugtraq&m=109811406620511&w=2
http://securitytracker.com/id?1011810Exploit, Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-323.htmlPatch, Vendor Advisory
http://www.securityfocus.com/bid/11439Exploit, Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17805
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227
http://lcamtuf.coredump.cx/mangleme/gallery/Exploit
http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.htmlExploit, Vendor Advisory
http://marc.info/?l=bugtraq&m=109811406620511&w=2
http://securitytracker.com/id?1011810Exploit, Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2005-323.htmlPatch, Vendor Advisory
http://www.securityfocus.com/bid/11439Exploit, Patch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/17805
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10227

Timeline

Published: Oct 18, 2004
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2004-1613?

How severe is CVE-2004-1613?

Severity scoring for CVE-2004-1613 is pending analysis. The EPSS model estimates a 1.65% probability of exploitation in the next 30 days.

How do I fix CVE-2004-1613?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2004-1613?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST