Searching phishing software vulnerabilities

Mozilla before 1.6 does not display the entire

facilitate | attackers | untrusted | clicking | contains | phishing | attacks | unknown | display | Mozilla | remote | before | entire | status | trick | sites | users | which | could | allow | link | does | into | not | URL | %00 | bar |

Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks.


Microsoft Internet Explorer 6 allows remote att

historyback | facilitate | Javascript | attackers | NullyFake | Microsoft | phishing | Internet | previous | Explorer | modifies | Location | navigate | invalid | address | attacks | remote | allows | domain | field | spoof | uses | then | aka | bar | URI | via |

Microsoft Internet Explorer 6 allows remote attackers to spoof the address bar to facilitate phishing attacks via Javascript that uses an invalid URI, modifies the Location field, then uses history.back to navigate to the previous domain, aka NullyFake.


Microsoft Outlook Express 6.0 allows remote att

restrictions | facilitate | attackers | arbitrary | Microsoft | intended | phishing | sources | Outlook | attacks | context | content | Express | bypass | allows | remote | "_top" | target | access | "BASE | HREF" | load | into | via | set |

Microsoft Outlook Express 6.0 allows remote attackers to bypass intended access restrictions, load content from arbitrary sources into the Outlook context, and facilitate phishing attacks via a "BASE HREF" with the target set to "_top".


Firefox before 1.0 and Mozilla before 1.7.5 dis

Mozilla | Firefox | before |

Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.


Internet Explorer 6.0 on Windows XP SP2 allows

script-initiated | facilitate | attackers | titlebar | phishing | Explorer | Internet | attacks | Windows | window | remote | allows | domain | which | could | spoof | popup | name | SP2 | URL |

Internet Explorer 6.0 on Windows XP SP2 allows remote attackers to spoof the domain name of a URL in a titlebar for a script-initiated popup window, which could facilitate phishing attacks.


Firefox before 1.0.1 and Mozilla before 1.7.6,

Firefox | before |

Firefox before 1.0.1 and Mozilla before 1.7.6, when displaying the HTTP Authentication dialog, do not change the focus to the tab that generated the prompt, which could facilitate spoofing and phishing attacks.


Firefox before 1.0.1 and Mozilla before 1.7.6 t

Firefox | before |

Firefox before 1.0.1 and Mozilla before 1.7.6 truncates long sub-domains or paths for display, which may allow remote malicious web sites to spoof legitimate sites and facilitate phishing attacks.


Opera 8 Beta 3, when using first-generation vet

first-generation | Organizational | certificates | certificate | information | facilitate | phishing | displays | spoofed | digital | attacks | easily | vetted | using | Opera | which | Beta | can | SSL |

Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks.


Mozilla Thunderbird 1.0 and Firefox 1.0.6 allow

Thunderbird | Firefox | Mozilla |

Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks.


Firefox before 1.0.7 and Mozilla Suite before 1

Firefox | before |

Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.


The iTAN Online-Banking Security System allows

man-in-the-middle | Online-Banking | attackers | Security | numbers | obtain | System | allows | remote | iTAN | via | TAN |

The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing" attack.


WmRoot/adapter-index.dsp in SAP Business Connec

WmRoot/adapter-indexdsp | Connector | attackers | spoofing | Business | earlier | conduct | remote | allows | Core | SAP | Fix |

WmRoot/adapter-index.dsp in SAP Business Connector Core Fix 7 and earlier allows remote attackers to conduct spoofing (phishing) attacks via an absolute URL in the url parameter, which loads the URL inside a frame.


Mozilla Firefox might allow remote attackers to

attackers | phishing | spoofing | conduct | writing | attacks | Firefox | Mozilla | remote | might | allow |

Mozilla Firefox might allow remote attackers to conduct spoofing and phishing attacks by writing to an about:blank tab and overlaying the location bar.


Mozilla Firefox 2.0.0.3 does not check URLs emb

Firefox | Mozilla |

Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.


Opera 9.10 does not check URLs embedded in (1)

Opera |

Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.


Mozilla Firefox 2.0.0.1 through 2.0.0.3 does no

Firefox | Mozilla |

Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / (slash) characters in the URL.


Visual truncation vulnerability in Opera 9.21 a

vulnerability | truncation | Visual | Opera |

Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication.


Visual truncation vulnerability in Konqueror 3.

vulnerability | truncation | Konqueror | Visual |

Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.


Visual truncation vulnerability in Mozilla 1.7.

vulnerability | truncation | Mozilla | Visual |

Visual truncation vulnerability in Mozilla 1.7.12 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.


Visual truncation vulnerability in Galeon 2.0.1

vulnerability | truncation | Galeon | Visual |

Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.


Software vulnerabilities results 1 to 20 of 68     
Page: 1234