CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
EPSS
Percentile
78.8%
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey
before 1.1.15 decode invisible characters when they are displayed in the
location bar, which causes an incorrect address to be displayed and makes
it easier for remote attackers to spoof URLs and conduct phishing attacks.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | firefox-3.0 | < 3.0.7+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | firefox-3.0 | < 3.0.7+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
ubuntu | 9.04 | noarch | firefox-3.0 | < 3.0.7+nobinonly-0ubuntu1 | UNKNOWN |
ubuntu | 9.04 | noarch | firefox-3.5 | < 3.5+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |
ubuntu | 8.04 | noarch | xulrunner-1.9 | < 1.9.0.7+nobinonly-0ubuntu0.8.04.1 | UNKNOWN |
ubuntu | 8.10 | noarch | xulrunner-1.9 | < 1.9.0.7+nobinonly-0ubuntu0.8.10.1 | UNKNOWN |
ubuntu | 9.04 | noarch | xulrunner-1.9 | < 1.9.0.7+nobinonly-0ubuntu1 | UNKNOWN |
ubuntu | 9.04 | noarch | xulrunner-1.9.1 | < 1.9.1+nobinonly-0ubuntu0.9.04.1 | UNKNOWN |