5.4

CVE-2007-0778

EPSS 1.04%
Veröffentlicht 26.02.2007 20:28:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 53

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Firefox Version >= 1.5 < 1.5.0.10

Mozilla ≫ Firefox Version >= 2.0 < 2.0.0.2

Mozilla ≫ Seamonkey Version < 1.0.8

Canonical ≫ Ubuntu Linux Version5.10

Canonical ≫ Ubuntu Linux Version6.06 SwEditionlts

Canonical ≫ Ubuntu Linux Version6.10

Debian ≫ Debian Linux Version3.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.04%	0.764

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.4	4.9	6.9	AV:N/AC:H/Au:N/C:C/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.vupen.com/english/advisories/2008/0083

Third Party Advisory

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742

Broken Link

ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc

Broken Link

ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc

Broken Link

http://fedoranews.org/cms/node/2713

Broken Link

http://fedoranews.org/cms/node/2728

Broken Link

http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html

Broken Link

http://rhn.redhat.com/errata/RHSA-2007-0077.html

Third Party Advisory

http://secunia.com/advisories/24205

Third Party Advisory

http://secunia.com/advisories/24238

Third Party Advisory

http://secunia.com/advisories/24287

Third Party Advisory

http://secunia.com/advisories/24290

Third Party Advisory

http://secunia.com/advisories/24293

Third Party Advisory

http://secunia.com/advisories/24320

Third Party Advisory

http://secunia.com/advisories/24328

Third Party Advisory

http://secunia.com/advisories/24333

Third Party Advisory

http://secunia.com/advisories/24342

Third Party Advisory

http://secunia.com/advisories/24343

Third Party Advisory

http://secunia.com/advisories/24384

Third Party Advisory

http://secunia.com/advisories/24393

Third Party Advisory

http://secunia.com/advisories/24395

Third Party Advisory

http://secunia.com/advisories/24437

Third Party Advisory

http://secunia.com/advisories/24457

Third Party Advisory

http://secunia.com/advisories/24650

Third Party Advisory

http://secunia.com/advisories/25588

Third Party Advisory

http://security.gentoo.org/glsa/glsa-200703-04.xml

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

Third Party Advisory

Mailing List

http://www.debian.org/security/2007/dsa-1336

Third Party Advisory

http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml

Third Party Advisory

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

Third Party Advisory

http://www.novell.com/linux/security/advisories/2007_22_mozilla.html

Broken Link

http://www.redhat.com/support/errata/RHSA-2007-0078.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0079.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0097.html

Third Party Advisory

http://www.redhat.com/support/errata/RHSA-2007-0108.html

Third Party Advisory

http://www.securityfocus.com/archive/1/461336/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/archive/1/461809/100/0/threaded

Third Party Advisory

VDB Entry

http://www.securityfocus.com/bid/22694

Third Party Advisory

VDB Entry

http://www.ubuntu.com/usn/usn-428-1

Third Party Advisory

http://www.vupen.com/english/advisories/2007/0718

Third Party Advisory

https://issues.rpath.com/browse/RPL-1081

Broken Link

https://issues.rpath.com/browse/RPL-1103

Broken Link

http://secunia.com/advisories/24455

Third Party Advisory

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

Third Party Advisory

Mailing List

http://securitytracker.com/id?1017699

Third Party Advisory

VDB Entry

http://www.mozilla.org/security/announce/2007/mfsa2007-03.html

Patch

Vendor Advisory

http://www.osvdb.org/32110

Broken Link

https://bugzilla.mozilla.org/show_bug.cgi?id=347852

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/32671

Third Party Advisory

VDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9151

Broken Link

https://nvd.nist.gov/vuln/detail/CVE-2007-0778

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0778

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0778

EUVD