Mozilla Browser 1.6/1.7 – URI Obfuscation

Mozilla Browser 1.6/1.7 – URI Obfuscation

漏洞ID 1054497 漏洞类型
发布时间 2004-06-14 更新时间 2004-06-14
图片[1]-Mozilla Browser 1.6/1.7 – URI Obfuscation-安全小百科CVE编号 N/A
图片[2]-Mozilla Browser 1.6/1.7 – URI Obfuscation-安全小百科CNNVD-ID N/A
漏洞平台 Windows CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24196
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10532/info

A weakness is reported in Mozilla that may allow an attacker to obfuscate the URI of a link. This could facilitate the impersonation of legitimate web sites in order to steal sensitive information from unsuspecting users. 

It is reported that the weakness exists when form method GET action URI's that are appended with the %2F encoded character, several space characters and an appended '.' URI are followed.

Mozilla 1.6 and 1.7rc3 for Windows and Firefox 0.8 and 0.9rc for Windows are reportedly affected by this issue.

http://[trusted_site]%2F%20%20%20.[malicious_site]/

相关推荐: John Roy Pi3Web存在文件泄露漏洞

John Roy Pi3Web存在文件泄露漏洞 漏洞ID 1204640 漏洞类型 未知 发布时间 2002-07-26 更新时间 2002-07-26 CVE编号 CVE-2002-0433 CNNVD-ID CNNVD-200207-101 漏洞平台 N/…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享