CVE-2007-1256
Mozilla Firefox 2.0.0.2 - Address Bar Spoofing via Document Location Manipulation
Title source: llmDescription
Mozilla Firefox 2.0.0.2 allows remote attackers to spoof the address bar, favicons, and document source, and perform updates in the context of arbitrary websites, by repeatedly setting document.location in the onunload attribute when linking to another website, a variant of CVE-2007-1092.
References (4)
Core 4
Core References
Third Party Advisory mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=117259225402112&w=2
Third Party Advisory mailing-list
x_refsource_fulldisc
http://marc.info/?l=full-disclosure&m=117258301222007&w=2
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/461437/100/0/threaded
Broken Link vdb-entry
x_refsource_osvdb
http://osvdb.org/35913
Scores
EPSS
0.0101
EPSS Percentile
59.3%
Details
CWE
CWE-119
Status
published
Products (3)
mozilla/firefox
2.0
mozilla/firefox
2.0.0.1
mozilla/firefox
2.0.0.2
Published
Mar 03, 2007
Tracked Since
Feb 18, 2026