Firefox prior to 1.0 and Mozilla prior to 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote malicious users to steal NTLM or SPNEGO credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla mozilla 1.7 |
||
mozilla mozilla 1.7.1 |
||
mozilla firefox 0.9 |
||
mozilla firefox 0.9.1 |
||
mozilla firefox 0.9.2 |
||
mozilla firefox 0.9.3 |
||
mozilla firefox 0.8 |
||
mozilla mozilla 1.7.2 |
||
mozilla mozilla 1.7.3 |