CVE-2007-4357Mozilla Firefox vulnerability

2 documents2 sources
Severity
5.0MEDIUMNVD
EPSS
0.6%
top 29.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox
Timeline
PublishedAug 15
Latest updateMay 1

Description

Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDmozilla/firefox2.0.0.6

🔴Vulnerability Details

1
GHSA
GHSA-8qqj-ch4p-86p2: Mozilla Firefox 22022-05-01