Lucene search

K
mozillaMozilla FoundationMFSA2005-04
HistoryJan 21, 2005 - 12:00 a.m.

Secure site lock can be spoofed with view-source: — Mozilla

2005-01-2100:00:00
Mozilla Foundation
www.mozilla.org
4

Kohei Yoshino reports the secure site lock icon can be spoofed by using a view-source: URL targetted at the secure site whose credentials you want to appropriate. An insecure page of the attackers choice can then be loaded while the lock icon shows the previous secure state.

Affected configurations

Vulners
Node
mozillafirefoxRange<1
OR
mozillamozilla_suiteRange<1.7.5
CPENameOperatorVersion
firefoxlt1
mozilla suitelt1.7.5