CVE-2007-3145

Description

Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.

Affected products

• galeon / galeon_browser2.0.1 – 2.0.1

References

• MISChttp://www.securityfocus.com/bid/24352
• MISChttp://osvdb.org/43467
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/34983
• MISChttp://testing.bitsploit.de/test.html
• MISChttp://www.0x000000.com/?i=334