Mozilla Firefox 2.0.0.1 up to and including 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote malicious users to bypass phishing protection via multiple / (slash) characters in the URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 2.0.0.1 |
||
mozilla firefox 2.0.0.2 |
||
mozilla firefox 2.0.0.3 |