CVE-2006-6971

Mozilla Firefox 2.0 - Phishing Protection Bypass via IP Address Representation

Title source: llm
STIX 2.1

Description

Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.

References (2)

Core 2
Core References
Various Sources x_refsource_misc
http://sla.ckers.org/forum/read.php?13%2C2253

Scores

EPSS 0.0117
EPSS Percentile 63.8%

Details

CWE
CWE-20
Status published
Products (1)
mozilla/firefox 2.0.0.1
Published Feb 07, 2007
Tracked Since Feb 18, 2026