Vulnerability Details CVE-2006-1650
Firefox 1.5.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks by re-opening the window to a malicious Shockwave Flash application, then changing the window location back to a trusted URL while the Flash application is still loading. NOTE: a followup was unable to replicate this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.4%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/archive/1/429927/100/0/threaded
- http://www.securityfocus.com/archive/1/430348/30/5730/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25634
- http://www.securityfocus.com/archive/1/429927/100/0/threaded
- http://www.securityfocus.com/archive/1/430348/30/5730/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25634