CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
EPSS
Percentile
95.4%
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before
1.7.13, and SeaMonkey before 1.0 allows remote attackers to spoof secure
site indicators such as the locked icon by opening the trusted site in a
popup window, then changing the location to a malicious site.