What is the severity of CVE-2007-6536?

CVE-2007-6536 has a severity rating that indicates it can potentially allow remote attackers to spoof domain names.

How do I fix CVE-2007-6536?

To fix CVE-2007-6536, you should upgrade to a newer version of Google Toolbar where this vulnerability is resolved.

What software is affected by CVE-2007-6536?

CVE-2007-6536 affects Google Toolbar versions 4 and 5 beta.

What are the implications of CVE-2007-6536?

The implications of CVE-2007-6536 include the possibility of users being tricked into installing malicious software due to spoofed domain names.

When was CVE-2007-6536 discovered?

CVE-2007-6536 was discovered in 2007.

Vulnerability/
CVE-2007-6536

medium

6.8

CWE

200

27/12/2007

7/8/2024

CVE-2007-6536: Infoleak

First published: Thu Dec 27 2007(Updated: )

The Custom Button Installer dialog in Google Toolbar 4 and 5 beta presents certain domain names in the (1) "Downloaded from" and (2) "Privacy considerations" sections without verifying domain names, which makes it easier for remote attackers to spoof domain names and trick users into installing malicious button XML files, as demonstrated by presenting www.google.com when the button was downloaded from an arbitrary site through an open redirector on www.google.com.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Google Toolbar	=5-beta
Google Toolbar	=4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-6536?
CVE-2007-6536 has a severity rating that indicates it can potentially allow remote attackers to spoof domain names.
How do I fix CVE-2007-6536?
To fix CVE-2007-6536, you should upgrade to a newer version of Google Toolbar where this vulnerability is resolved.
What software is affected by CVE-2007-6536?
CVE-2007-6536 affects Google Toolbar versions 4 and 5 beta.
What are the implications of CVE-2007-6536?
The implications of CVE-2007-6536 include the possibility of users being tricked into installing malicious software due to spoofed domain names.
When was CVE-2007-6536 discovered?
CVE-2007-6536 was discovered in 2007.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/last-modified-date
agent/references
agent/author
agent/severity
agent/first-publish-date
agent/event
agent/description
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/google
canonical/google toolbar
version/google toolbar/5-beta
version/google toolbar/4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.