CVE-2005-2602

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks.

References

http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=1682

http://www.securityfocus.com/archive/1/407704

http://www.securityfocus.com/bid/14526

Details

Source: MITRE

Published: 2005-08-17

Updated: 2008-09-05

Risk Information

CVSS v2

Base Score: 2.6

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
3239Mozilla Firefox < 1.0.7 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
3238Mozilla Firefox < 1.7.12 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
19719Firefox < 1.0.7 Multiple VulnerabilitiesNessusWindows
high
19718Mozilla Browser < 1.7.12 Multiple VulnerabilitiesNessusWindows
high
19696Netscape Browser < 8.0.4 Multiple VulnerabilitiesNessusWindows
high
801294Mozilla Browser < 1.7.12 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high
800781Firefox < 1.0.7 Multiple VulnerabilitiesLog Correlation EngineWeb Clients
high