mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
840 B
840 B
CVE-2009-3008
Description
K-Meleon 1.5.3 allows context-dependent attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary file: URL after a victim has visited any file: URL, as demonstrated by a visit to a file: document written by the attacker.
POC
Reference
- http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html
- http://lostmon.blogspot.com/2009/08/multiple-browsers-fake-url-folder-file.html
Github
No PoCs found on GitHub currently.