* Nico Golde: > the following CVE (Common Vulnerabilities & Exposures) id was > published for iceweasel. > > CVE-2007-1762[0]: > | Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs > | before checking them against the phishing site blacklist, which allows > | remote attackers to bypass phishing protection via multiple / (slash) > | characters in the URL.
I strongly doubt that this relevant anyway. The attacker cannot retroactively change the URLs that have been spammed, so Google just needs to make sure that that they blacklist the actually used form of the URL. (It's pretty easy to bypass the blacklist anyway. I see it all the time. 8-/) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
