CVE-2006-6971

Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.

Published : 2007-02-07 11:28 Updated : 2008-09-05 21:16

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Mozilla Firefox 2.0.0.1 cpe:/a:mozilla:firefox:2.0.0.1
  1. Mozilla (1) Search CVE
    1. Firefox (1) Search CVE
      1. 2.0.0.1

CWE

ID Name Description Links
CWE-20 Improper Input Validation The product does not validate or incorrectly validates input that can affect the control flow or data flow of a program. CVE

History of changes

Date Event
2007-02-07 11:28

New CVE