← back
CVE-2004-1451

CVE-2004-1451

EPSS 1.4%
Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugzilla.mozilla.org/show_bug.cgi?id=228176http://secunia.com/advisories/10419/http://www.mozilla.org/projects/security/known-vulnerabilities.html