← Back

CVE-2007-0802

nvd nist
Published: Feb 7, 2007Modified: Apr 23, 2026

JSON object

Loading...
6.4
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:N
Exploitability: 10.0 / Impact: 4.9
Source: NVD

Description

Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter.

Affected (2)

Mozilla
1 product
Firefox
Opera
1 product
Opera Browser
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Firefox
Version 2.0.0.1
Opera Browser
Version 9.10

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkExploitVendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkExploitVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory

Timeline

No history available yet.