CVE-2007-1562

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions 1.5.0.11 and earlier Mozilla Firefox 2.x versions prior to 2.0.0.3

Description The issue allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. This can be achieved through the FTP protocol implementation.

Recommendations For Mozilla Firefox versions 1.5.0.11 and earlier, update to version 1.5.0.11 or later. For Mozilla Firefox 2.x versions prior to 2.0.0.3, update to version 2.0.0.3 or later.