CVE-2007-3145

{"id": "CVE-2007-3145", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-06-11T18:30:00.000", "references": [{"url": "http://osvdb.org/43467", "source": "cve@mitre.org"}, {"url": "http://testing.bitsploit.de/test.html", "source": "cve@mitre.org"}, {"url": "http://www.0x000000.com/?i=334", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24352", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/43467", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://testing.bitsploit.de/test.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.0x000000.com/?i=334", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/24352", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34983", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication."}, {"lang": "es", "value": "Vulnerabilidad de truncamiento visual en Galeon 2.0.1 permite a atacantes remotos envenenar la barra de direcci\u00f3n y posiblemente realizar ataques de phishing a trav\u00e9s de un nombre de host largo, el cual est\u00e1 truncado despu\u00e9s de un cierto n\u00famero de caract\u00e9res, como se demostr\u00f3 con la utilizaci\u00f3n de un ataque de phishing utilizando HTTP Basic Authentication."}], "lastModified": "2024-11-21T00:32:30.580", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:galeon:galeon_browser:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "332397C6-F2AC-4CA0-91B1-60A31522E737"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}