Mozilla Firefox 2.0.0.3 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection.Referenceshttp://securityreason.com/securityalert/2488http://www.securityfocus.com/archive/1/464041/100/0/threadedhttps://exchange.xforce.ibmcloud.com/vulnerabilities/33487
