CVE-2006-1650 — Mozilla Firefox vulnerability

2 documents2 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 40.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox

Timeline

PublishedApr 6

Latest updateMay 1

Description

Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: a followup was unable to replicate this issue.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDmozilla/firefox1.5.0.1

🔴Vulnerability Details

GHSA

GHSA-fgp4-57f9-xv7x: Firefox 1↗2022-05-01

▶