CVE-2010-0172 in Firefox
Resumen (Inglés)
toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorization dialog and capture credentials by demanding HTTP authentication in opportunistic circumstances.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Reservar
2010-01-06
Divulgación
2010-03-25
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 52366 | Mozilla Firefox autenticación débil | 290 | No está definido | Arreglo oficial | CVE-2010-0172 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV