Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 302 redirect to an arbitrary https web site.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox "HTTP CONNECT"响应中间人攻击漏洞
Vulnerability Description
Mozilla Firefox 3.0.10版本之前的版本在发生一个成功的SSL握手连接以前,会处理一个3xx HTTP CONNECT响应。中间人攻击者可以在一个http站点的内容中,通过修改该内容的响应并造成对任意http网络站点的一个302重定向信息,来执行任意web脚本。
CVSS Information
N/A
Vulnerability Type
N/A