// For flags

CVE-2007-3145

 

Severity Score

5.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Visual truncation vulnerability in Galeon 2.0.1 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication.

Vulnerabilidad de truncamiento visual en Galeon 2.0.1 permite a atacantes remotos envenenar la barra de dirección y posiblemente realizar ataques de phishing a través de un nombre de host largo, el cual está truncado después de un cierto número de caractéres, como se demostró con la utilización de un ataque de phishing utilizando HTTP Basic Authentication.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-06-11 CVE Reserved
  • 2007-06-11 CVE Published
  • 2024-04-14 EPSS Updated
  • 2024-08-07 CVE Updated
  • 2024-08-07 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Galeon
Search vendor "Galeon"
 Galeon Browser
Search vendor "Galeon" for product "Galeon Browser"
 2.0.1
Search vendor "Galeon" for product "Galeon Browser" and version "2.0.1"
-
Affected