Mozilla SSL Lock Image Spoofing VulnerabilityID: oval:org.mitre.oval:def:100044 | Date: (C)2005-08-16 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site.
Platform: |
Microsoft Windows Server 2022 |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2016 |
Microsoft Windows NT |
Microsoft Windows 2000 |
Microsoft Windows XP |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 10 |