Executive Summary

The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.

Why It Matters

CVE-2003-0791 is rated CRITICAL severity, requiring immediate attention from security teams.

CVSS Base Score: 9.8/10

Affected Technologies

Vendors: mozilla, sco

Products: mozilla, openserver

🛡️What Defenders Should Check

Check if you are affected — Review your asset inventory for products listed in CVE-2003-0791.

Apply available patches — Visit vendor advisories for the latest security updates.

Monitor for exploitation — Check your SIEM/IDS logs for related indicators.

Use Vulnios to continuously monitor your exposure to CVE-2003-0791 and similar vulnerabilities.

References & Sources

http://secunia.com/advisories/11103/

http://www.mandriva.com/security/advisories?name=MDKSA-2004:021

http://www.osvdb.org/8390

http://www.securityfocus.com/advisories/6979

http://www.securityfocus.com/bid/9322

https://bugzilla.mozilla.org/show_bug.cgi?id=221526

http://secunia.com/advisories/11103/

http://www.mandriva.com/security/advisories?name=MDKSA-2004:021

http://www.osvdb.org/8390

http://www.securityfocus.com/advisories/6979

AI Security Advisor

Get AI-powered security recommendations tailored to this specific threat — including risk assessment, detection guidance, MITRE ATT&CK mapping, and actionable remediation steps.

Affected Products

mozillaopenserver

Sources

NVD / NIST

critical

Protect Your Organization

Monitor CVEs, scan for vulnerabilities, and get real-time threat alerts — all in one platform.

Get Started Free Free Security Scan OSINT Dashboard

Get instant alerts on Telegram

Join our public channel for real-time critical CVE alerts.

Follow @vulnios

Critical Vulnerability: CVE-2003-0791 — mozilla, sco — mozilla, openserver