CVE-2007-1736

NameCVE-2007-1736
DescriptionMozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severityhigh (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
iceweasel (PTS)wheezy, wheezy (security)38.8.0esr-1~deb7u1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
iceweaselsource(unstable)(unfixed)unimportant

Notes

I don't believe this has relevant security impact, such a black list
will register URLs found in the wild and the used adresses will be
volatile anyway

Search for package or bug name: Reporting problems