Lucene search
MitreCVELIST:CVE-2008-0367HistoryJan 18, 2008 - 11:00 p.m.
CVE-2008-0367
2008-01-1823:00:00
mitre
www.cve.org
4
Mozilla Firefox 2.0.0.11, 3.0b2, and possibly earlier versions, when prompting for HTTP Basic Authentication, displays the site requesting the authentication after the Realm text, which might make it easier for remote HTTP servers to conduct phishing and spoofing attacks.
References
aviv.raffon.net/2008/01/02/YetAnotherDialogSpoofingFirefoxBasicAuthentication.aspx
aviv.raffon.net/2008/01/05/FirefoxDialogSpoofingFAQ.aspx
blog.mozilla.com/security/2008/01/04/basicauth-dialog-realm-value-spoofing/
www.securityfocus.com/archive/1/485732/100/200/threaded
www.securityfocus.com/archive/1/485738/100/200/threaded
www.securityfocus.com/bid/27111
bugzilla.mozilla.org/show_bug.cgi?id=244273
Related
ubuntucve
ubuntucve
CVE-2008-0367
2008-01-19 00:00:00
nvd
nvd
CVE-2008-0367
2008-01-19 00:00:00
prion
prion
Authentication flaw
2008-01-19 00:00:00
cve
cve
CVE-2008-0367
2008-01-19 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201301-01
2015-09-29 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
nessus
nessus
GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
2013-01-08 00:00:00