VYPR
Unrated severityNVD Advisory· Published Apr 11, 2007· Updated Jun 16, 2026

CVE-2007-1970

CVE-2007-1970

Description

Mozilla Firefox does not warn the user about HTTP elements on an HTTPS page when the HTTP elements are dynamically created by a delayed document.write, which allows remote attackers to supply unauthenticated content and conduct phishing attacks.

Affected products

4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.