Unrated severityNVD Advisory· Published Aug 28, 2009· Updated Jun 16, 2026
CVE-2009-3004
CVE-2009-3004
Description
Avant Browser 11.7 Builds 35 and 36 allows remote attackers to spoof the address bar, via window.open with a relative URI, to show an arbitrary URL on the web site visited by the victim, as demonstrated by a visit to an attacker-controlled web page, which triggers a spoofed login form for the site containing that page. NOTE: a related attack was reported in which an arbitrary file: URL is shown.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:avant_force:avant_browser:11.7:*:*:*:*:*:*:*
- Range: =11.7 Build 35, =11.7 Build 36
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.