Description
Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by bitlance winter · textremotelinux
https://www.exploit-db.com/exploits/25221
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/19540
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14568
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12798
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013423
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/14885
Mailing List mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=111073068631287&w=2
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/0260
Scores
EPSS
0.1038
EPSS Percentile
93.2%
Details
Status
published
Products (23)
mozilla/firefox
0.8
mozilla/firefox
0.9 (2 CPE variants)
mozilla/firefox
0.9.1
mozilla/firefox
0.9.2
mozilla/firefox
0.9.3
mozilla/firefox
0.10
mozilla/firefox
0.10.1
mozilla/firefox
1.0
mozilla/firefox
1.0.1
mozilla/firefox
preview_release
... and 13 more
Published
Dec 31, 2005
Tracked Since
Feb 18, 2026