PT-2007-2247 · Mozilla+1 · Firefox+1

Kaneda

Published

2007-02-07

Updated

2022-02-26

CVE-2007-0802

CVSS v2.0

6.4

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Mozilla Firefox version 2.0.0.1

Description The issue allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name. This can be achieved by using characters such as the "." and "/" at the end of the domain, which are not properly filtered by the Phishing List blacklist.

Recommendations For Mozilla Firefox version 2.0.0.1, consider updating to a newer version that addresses this issue, as the current version allows attackers to bypass phishing protections by manipulating domain names.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2007-0802

Affected Products

Firefox

Opera

PT-2007-2247 · Mozilla+1 · Firefox+1

CVE-2007-0802

Weakness Enumeration

Related Identifiers

Affected Products

References · 7