CVE-2007-1970

2007-04-11T10:19:00
ID CVE-2007-1970
Type cve
Reporter cve@mitre.org
Modified 2018-10-16T16:41:00

Description

Mozilla Firefox does not warn the user about HTTP elements on an HTTPS page when the HTTP elements are dynamically created by a delayed document.write, which allows remote attackers to supply unauthenticated content and conduct phishing attacks.