Summary
The host has the Mozilla Firefox browser installed and is prone to a status bar spoofing vulnerability.
Impact
Successful remote exploitation lets the attacker spoof the status bar information and gain sensitive information by redirecting the legitimate user to any malicious URL.
Impact Level: Application
Solution
Upgrade to Mozilla Firefox version 3.6.3 or later.
For updates, refer to http://www.getfirefox.com
Insight
Firefox does not properly handle a crafted URL displayed in the user's browser, which lets the attacker perform a clickjacking attack and spoof where the user is redirected, sending them to a different, arbitrary malformed website.
Affected
Mozilla Firefox versions 3.0.5 and 2.0.0.18/19 on Windows.
Severity
Classification
CVE: CVE-2009-0253
CVSS Base Score: 6.8
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P