Vulnerability Description
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Galeon | Galeon Browser | 1.2.4 |
| Mozilla | Mozilla | 0.9.3 |
References
- http://bugzilla.mozilla.org/show_bug.cgi?id=145579
- http://marc.info/?l=bugtraq&m=103176760004720&w=2
- http://www.iss.net/security_center/static/10084.phpVendor Advisory
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075
- http://www.redhat.com/support/errata/RHSA-2002-192.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-046.html
- http://www.securityfocus.com/bid/5694ExploitPatchVendor Advisory
- http://bugzilla.mozilla.org/show_bug.cgi?id=145579
- http://marc.info/?l=bugtraq&m=103176760004720&w=2
- http://www.iss.net/security_center/static/10084.phpVendor Advisory
- http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075
- http://www.redhat.com/support/errata/RHSA-2002-192.htmlPatchVendor Advisory
- http://www.redhat.com/support/errata/RHSA-2003-046.html
- http://www.securityfocus.com/bid/5694ExploitPatchVendor Advisory
FAQ
What is CVE-2002-1126?
CVE-2002-1126 is a vulnerability with a CVSS score of 2.6 (LOW). Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to ...
How severe is CVE-2002-1126?
CVE-2002-1126 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1126?
Check the references section above for vendor advisories and patch information. Affected products include: Galeon Galeon Browser, Mozilla Mozilla.