Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypass application protection mechanisms that rely on Referer headers, such as with some Cross-Site Request Forgery (CSRF) mechanisms.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Firefox | Mozilla | * | 2.0.0.12 (including) |
| Seamonkey | Mozilla | * | 1.1.8 (including) |
| Red Hat Enterprise Linux 2.1 | RedHat | seamonkey-0:1.0.9-0.14.el2 | * |
| Red Hat Enterprise Linux 3 | RedHat | seamonkey-0:1.0.9-0.16.el3 | * |
| Red Hat Enterprise Linux 4 | RedHat | firefox-0:1.5.0.12-0.14.el4 | * |
| Red Hat Enterprise Linux 4 | RedHat | seamonkey-0:1.0.9-15.el4 | * |
| Red Hat Enterprise Linux 4 | RedHat | thunderbird-0:1.5.0.12-10.el4 | * |
| Red Hat Enterprise Linux 5 | RedHat | firefox-0:1.5.0.12-14.el5_1 | * |
| Red Hat Enterprise Linux 5 | RedHat | thunderbird-0:1.5.0.12-11.el5_1 | * |
| Firefox | Ubuntu | dapper | * |
| Firefox | Ubuntu | edgy | * |
| Firefox | Ubuntu | feisty | * |
| Firefox | Ubuntu | gutsy | * |
| Firefox | Ubuntu | hardy | * |
| Firefox | Ubuntu | upstream | * |
| Iceape | Ubuntu | gutsy | * |
| Iceape | Ubuntu | upstream | * |
| Seamonkey | Ubuntu | devel | * |
| Seamonkey | Ubuntu | hardy | * |
| Seamonkey | Ubuntu | intrepid | * |
| Seamonkey | Ubuntu | upstream | * |
| Xulrunner | Ubuntu | devel | * |
| Xulrunner | Ubuntu | edgy | * |
| Xulrunner | Ubuntu | feisty | * |
| Xulrunner | Ubuntu | gutsy | * |
| Xulrunner | Ubuntu | hardy | * |
| Xulrunner | Ubuntu | intrepid | * |