Vulnerabilites related to galeon - galeon_browser
CVE-2007-3145 (GCVE-0-2007-3145)
Vulnerability from cvelistv5
Published
2007-06-11 18:00
Modified
2024-08-07 14:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:28.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24352",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24352"
},
{
"name": "43467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43467"
},
{
"name": "multiple-basic-authentication-spoofing(34983)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://testing.bitsploit.de/test.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.0x000000.com/?i=334"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24352",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24352"
},
{
"name": "43467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43467"
},
{
"name": "multiple-basic-authentication-spoofing(34983)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://testing.bitsploit.de/test.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.0x000000.com/?i=334"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24352"
},
{
"name": "43467",
"refsource": "OSVDB",
"url": "http://osvdb.org/43467"
},
{
"name": "multiple-basic-authentication-spoofing(34983)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
},
{
"name": "http://testing.bitsploit.de/test.html",
"refsource": "MISC",
"url": "http://testing.bitsploit.de/test.html"
},
{
"name": "http://www.0x000000.com/?i=334",
"refsource": "MISC",
"url": "http://www.0x000000.com/?i=334"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3145",
"datePublished": "2007-06-11T18:00:00",
"dateReserved": "2007-06-11T00:00:00",
"dateUpdated": "2024-08-07T14:05:28.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0594 (GCVE-0-2002-0594)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 02:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"name": "mozilla-css-files-exist(8977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "4640",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4640"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"name": "mozilla-css-files-exist(8977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "4640",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4640"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2002:490",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"name": "mozilla-css-files-exist(8977)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"name": "RHSA-2003:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "4640",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4640"
},
{
"name": "RHSA-2002:192",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0594",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-06-11T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1126 (GCVE-0-2002-1126)
Vulnerability from cvelistv5
Published
2004-09-01 04:00
Modified
2024-08-08 03:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020911 Privacy leak in mozilla",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "mozilla-onunload-url-leak(10084)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"name": "5694",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5694"
},
{
"name": "MDKSA-2002:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020911 Privacy leak in mozilla",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "mozilla-onunload-url-leak(10084)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"name": "5694",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5694"
},
{
"name": "MDKSA-2002:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020911 Privacy leak in mozilla",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"name": "RHSA-2003:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "mozilla-onunload-url-leak(10084)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"name": "5694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5694"
},
{
"name": "MDKSA-2002:075",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"name": "RHSA-2002:192",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1126",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2002-09-17T00:00:00",
"dateUpdated": "2024-08-08T03:12:16.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2002-09-24 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| galeon | galeon_browser | 1.2.4 | |
| galeon | galeon_browser | 1.2.5 | |
| galeon | galeon_browser | 1.2.6 | |
| mozilla | mozilla | 0.9.3 | |
| mozilla | mozilla | 0.9.4 | |
| mozilla | mozilla | 0.9.5 | |
| mozilla | mozilla | 0.9.6 | |
| mozilla | mozilla | 0.9.7 | |
| mozilla | mozilla | 0.9.8 | |
| mozilla | mozilla | 0.9.9 | |
| mozilla | mozilla | 1.0.1 | |
| mozilla | mozilla | 1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:galeon:galeon_browser:1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1196F08A-E1AF-41F0-9685-0E54A8409D85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:galeon:galeon_browser:1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B32DBCE5-7463-4124-A6E1-5D2206F31E0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:galeon:galeon_browser:1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "864F6D5C-88BE-4FDB-ABD6-E0AB1C7377BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9420CD82-0E5F-4486-9AF8-9DCD6ED7E037",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A9C79AB-4ABE-49E6-BAB2-94610AE0316F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1444C77E-FF98-40E5-9CA9-B4C71B3C9304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3B40771F-30CB-45D0-9EDE-1F13852085B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4F64F8-CCC2-47FF-9B9D-41B3BCDD513C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.8:*:*:*:*:*:*:*",
"matchCriteriaId": "47315EC4-1EED-4070-A087-8E37C8FE6703",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EB38F-CEB2-40BC-AA5D-CC539F597137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A8987151-0901-4547-B750-5DC470BB9CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "66A87ED8-9E1F-4C2C-B806-A41765081C9C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler."
}
],
"id": "CVE-2002-1126",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-09-24T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5694"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5694"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-06-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:galeon:galeon_browser:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E89FB22-EF04-446F-AF36-44878AB57AF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:galeon:galeon_browser:1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "184CDE30-30DE-49F5-A44D-36CA3852BF12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:0.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9F1EB38F-CEB2-40BC-AA5D-CC539F597137",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mozilla:mozilla:1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C9296197-0EE0-4CC0-A11F-E44E3443E990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5421CDE-6C31-42FF-8A06-23A6207D1B51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.01:*:*:*:*:*:*:*",
"matchCriteriaId": "6469EB31-32FF-415C-82DD-670513911371",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4F112CED-879B-4A19-993A-16858B4EC16C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7D7FA24-4B6F-4D67-95BE-46819033CA6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D9B316E0-4A05-411A-8279-404C82288BE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netscape:navigator:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B91D7920-86E6-4842-897A-553F018AD493",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect."
}
],
"id": "CVE-2002-0594",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-06-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/4640"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-11 18:30
Modified
2025-04-09 00:30
Severity ?
Summary
Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| galeon | galeon_browser | 2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:galeon:galeon_browser:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "332397C6-F2AC-4CA0-91B1-60A31522E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."
},
{
"lang": "es",
"value": "Vulnerabilidad de truncamiento visual en Galeon 2.0.1 permite a atacantes remotos envenenar la barra de direcci\u00f3n y posiblemente realizar ataques de phishing a trav\u00e9s de un nombre de host largo, el cual est\u00e1 truncado despu\u00e9s de un cierto n\u00famero de caract\u00e9res, como se demostr\u00f3 con la utilizaci\u00f3n de un ataque de phishing utilizando HTTP Basic Authentication."
}
],
"id": "CVE-2007-3145",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-06-11T18:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/43467"
},
{
"source": "cve@mitre.org",
"url": "http://testing.bitsploit.de/test.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.0x000000.com/?i=334"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/24352"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/43467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://testing.bitsploit.de/test.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.0x000000.com/?i=334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/24352"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}