Vulnerability Description
Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / (slash) characters in the URL.
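The missing step described above, as an added example (not Firefox's code and not taken from the referenced advisories): a blacklist lookup that compares the URL as given, beside one that canonicalizes the path first. The blacklist entry, host names and function names are constructed for illustration, and only slash runs are handled beyond what the standard URL parser already normalizes.

```javascript
// Constructed blacklist: keys are "host/path" in canonical form.
const BLACKLIST = new Set(["phish.example/login/index.html"]);

// "Before": the key is built from the URL exactly as parsed. The WHATWG URL
// parser lowercases the host and resolves "." and ".." segments, but it
// preserves empty path segments, so "//" survives into the key.
function naiveIsBlocked(rawUrl) {
  const u = new URL(rawUrl);
  return BLACKLIST.has(u.hostname + u.pathname);
}

// "After": collapse every run of slashes in the path to a single slash
// before building the lookup key, so equivalent spellings map to one entry.
function canonicalKey(rawUrl) {
  const u = new URL(rawUrl);
  const path = u.pathname.replace(/\/{2,}/g, "/");
  return u.hostname + path;
}

function canonicalIsBlocked(rawUrl) {
  return BLACKLIST.has(canonicalKey(rawUrl));
}

// Regression helper: URLs the canonical check blocks but the naive one lets
// through. A non-empty result means the lookup is not canonicalizing.
function missedByNaive(urls) {
  return urls.filter((url) => canonicalIsBlocked(url) && !naiveIsBlocked(url));
}

// Constructed sample URLs.
const SAMPLES = [
  "http://phish.example/login/index.html",    // exact blacklist spelling
  "http://phish.example//login///index.html", // repeated slashes
  "http://PHISH.example/login/./index.html",  // normalized by the URL parser
  "http://benign.example//login/index.html",  // not listed under any spelling
];

for (const url of SAMPLES) {
  console.log(url, "naive:", naiveIsBlocked(url), "canonical:", canonicalIsBlocked(url));
}
```

The same canonicalization has to be applied to entries when they are added to the list, otherwise the keys on the two sides of the comparison can still differ.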
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | 2.0.0.1 |
References
- http://osvdb.org/34535
- http://www.securityfocus.com/archive/1/464149/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33486
FAQ
What is CVE-2007-1762?
CVE-2007-1762 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / ...
How severe is CVE-2007-1762?
CVE-2007-1762 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1762?
Check the references section above for vendor advisories and patch information. Affected products include: Mozilla Firefox.