Search criteria
3 vulnerabilities by galeon
CVE-2007-3145 (GCVE-0-2007-3145)
Vulnerability from cvelistv5 – Published: 2007-06-11 18:00 – Updated: 2024-08-07 14:05
VLAI
Summary
Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/24352 | vdb-entryx_refsource_BID |
| http://osvdb.org/43467 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://testing.bitsploit.de/test.html | x_refsource_MISC |
| http://www.0x000000.com/?i=334 | x_refsource_MISC |
Date Public
2007-06-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:28.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24352",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24352"
},
{
"name": "43467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/43467"
},
{
"name": "multiple-basic-authentication-spoofing(34983)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://testing.bitsploit.de/test.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.0x000000.com/?i=334"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24352",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24352"
},
{
"name": "43467",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/43467"
},
{
"name": "multiple-basic-authentication-spoofing(34983)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://testing.bitsploit.de/test.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.0x000000.com/?i=334"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3145",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24352",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24352"
},
{
"name": "43467",
"refsource": "OSVDB",
"url": "http://osvdb.org/43467"
},
{
"name": "multiple-basic-authentication-spoofing(34983)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983"
},
{
"name": "http://testing.bitsploit.de/test.html",
"refsource": "MISC",
"url": "http://testing.bitsploit.de/test.html"
},
{
"name": "http://www.0x000000.com/?i=334",
"refsource": "MISC",
"url": "http://www.0x000000.com/?i=334"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3145",
"datePublished": "2007-06-11T18:00:00.000Z",
"dateReserved": "2007-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:05:28.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1126 (GCVE-0-2002-1126)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:12
VLAI
Summary
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://marc.info/?l=bugtraq&m=103176760004720&w=2 | mailing-listx_refsource_BUGTRAQ |
| http://www.redhat.com/support/errata/RHSA-2003-046.html | vendor-advisoryx_refsource_REDHAT |
| http://www.iss.net/security_center/static/10084.php | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/5694 | vdb-entryx_refsource_BID |
| http://www.mandrakesoft.com/security/advisories?n… | vendor-advisoryx_refsource_MANDRAKE |
| http://bugzilla.mozilla.org/show_bug.cgi?id=145579 | x_refsource_CONFIRM |
| http://www.redhat.com/support/errata/RHSA-2002-192.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2002-09-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:12:16.951Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020911 Privacy leak in mozilla",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "mozilla-onunload-url-leak(10084)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"name": "5694",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5694"
},
{
"name": "MDKSA-2002:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020911 Privacy leak in mozilla",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "mozilla-onunload-url-leak(10084)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"name": "5694",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5694"
},
{
"name": "MDKSA-2002:075",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1126",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs, using the onunload handler."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020911 Privacy leak in mozilla",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=103176760004720\u0026w=2"
},
{
"name": "RHSA-2003:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "mozilla-onunload-url-leak(10084)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10084.php"
},
{
"name": "5694",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5694"
},
{
"name": "MDKSA-2002:075",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075"
},
{
"name": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579",
"refsource": "CONFIRM",
"url": "http://bugzilla.mozilla.org/show_bug.cgi?id=145579"
},
{
"name": "RHSA-2002:192",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1126",
"datePublished": "2004-09-01T04:00:00.000Z",
"dateReserved": "2002-09-17T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:12:16.951Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-0594 (GCVE-0-2002-0594)
Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:56
VLAI
Summary
Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://distro.conectiva.com.br/atualizacoes/?id=a… | vendor-advisoryx_refsource_CONECTIVA |
| http://online.securityfocus.com/archive/1/270249 | mailing-listx_refsource_BUGTRAQ |
| http://www.iss.net/security_center/static/8977.php | vdb-entryx_refsource_XF |
| http://www.redhat.com/support/errata/RHSA-2003-046.html | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/4640 | vdb-entryx_refsource_BID |
| http://www.redhat.com/support/errata/RHSA-2002-192.html | vendor-advisoryx_refsource_REDHAT |
Date Public
2002-04-30 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA",
"x_transferred"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"name": "mozilla-css-files-exist(8977)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "4640",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4640"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-04-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-11-13T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "CLA-2002:490",
"tags": [
"vendor-advisory",
"x_refsource_CONECTIVA"
],
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"name": "mozilla-css-files-exist(8977)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"name": "RHSA-2003:046",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "4640",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4640"
},
{
"name": "RHSA-2002:192",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netscape 6 and Mozilla 1.0 RC1 and earlier allows remote attackers to determine the existence of files on the client system via a LINK element in a Cascading Style Sheet (CSS) page that causes an HTTP redirect."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "CLA-2002:490",
"refsource": "CONECTIVA",
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000490"
},
{
"name": "20020430 RE: Reading local files in Netscape 6 and Mozilla (GM#001-NS)",
"refsource": "BUGTRAQ",
"url": "http://online.securityfocus.com/archive/1/270249"
},
{
"name": "mozilla-css-files-exist(8977)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/8977.php"
},
{
"name": "RHSA-2003:046",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2003-046.html"
},
{
"name": "4640",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4640"
},
{
"name": "RHSA-2002:192",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2002-192.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0594",
"datePublished": "2003-04-02T05:00:00.000Z",
"dateReserved": "2002-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-08T02:56:38.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}