2.6 Low
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
firefox is vulnerable to spoofing attack. A flaw was found in the way Firefox displayed the location bar when visiting a secure web page. A malicious server could use this flaw to present data that appears to originate from a secure server, even though it does not.
www.mozilla.org/security/announce/2010/mfsa2010-45.html
www.mozilla.org/security/known-vulnerabilities/firefox36.html#firefox3.6.7
www.redhat.com/security/updates/classification/#critical
access.redhat.com/errata/RHSA-2010:0547
bugzilla.mozilla.org/show_bug.cgi?id=536466
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11688