CVE-2007-4357 in Firefoxinfo

Summary

Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsible

Reservation

08/14/2007

Disclosure

08/14/2007

Moderation

VulDB entry created

Entries

VDB-38336

CPE

ready

CWE

CWE-290 (Confirmed)

CVSS

5.3

EPSS

0.00622

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-4357
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4357
CVE Details	https://www.cvedetails.com/cve/CVE-2007-4357/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!