Closed
Bug 390630
Opened 17 years ago
Closed 17 years ago
CVE-2005-4809 Spoof URL in status bar
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
DUPLICATE
of bug 266932
People
(Reporter: lkundrak, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; cs-CZ; rv:1.8.1.2) Gecko/20070313 Firefox/2.0.0.2 Build Identifier: Mozilla Firefox 1.0.1 and possibly other versions, including Mozilla and Thunderbird, allows remote attackers to spoof the URL in the Status Bar via an A HREF tag that contains a TABLE tag that contains another A tag. See relevant CVE-2005-4809 [1] and relevant [2] full-disclosure entry for details. [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4809 [2] http://marc.theaimsgroup.com/?l=full-disclosure&m=111073068631287&w=2 Reproducible: Always
Comment 1•17 years ago
|
||
This is fixed in the Firefox 2.0.0.2 version you appear to be using, did you try it? Firefox 1.0.1 is no longer supported and the fix will not be back-ported.
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Reporter | ||
Comment 2•17 years ago
|
||
Daniel: feel free to close it then. I was not reporting against the version I use.
You need to log in
before you can comment on or make changes to this bug.
Description
•