CVE-2007-0778

high

Description

The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/32671

https://bugzilla.mozilla.org/show_bug.cgi?id=347852

http://www.vupen.com/english/advisories/2008/0083

http://www.vupen.com/english/advisories/2007/0718

http://www.ubuntu.com/usn/usn-428-1

http://www.securityfocus.com/bid/22694

http://www.securityfocus.com/archive/1/461809/100/0/threaded

http://www.securityfocus.com/archive/1/461336/100/0/threaded

http://www.redhat.com/support/errata/RHSA-2007-0108.html

http://www.redhat.com/support/errata/RHSA-2007-0097.html

http://www.redhat.com/support/errata/RHSA-2007-0079.html

http://www.redhat.com/support/errata/RHSA-2007-0078.html

http://www.mozilla.org/security/announce/2007/mfsa2007-03.html

http://www.mandriva.com/security/advisories?name=MDKSA-2007:050

http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml

http://www.debian.org/security/2007/dsa-1336

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851

http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131

http://securitytracker.com/id?1017699

http://security.gentoo.org/glsa/glsa-200703-04.xml

http://secunia.com/advisories/25588

http://secunia.com/advisories/24650

http://secunia.com/advisories/24457

http://secunia.com/advisories/24455

http://secunia.com/advisories/24437

http://secunia.com/advisories/24395

http://secunia.com/advisories/24393

http://secunia.com/advisories/24384

http://secunia.com/advisories/24343

http://secunia.com/advisories/24342

http://secunia.com/advisories/24333

http://secunia.com/advisories/24328

http://secunia.com/advisories/24320

http://secunia.com/advisories/24293

http://secunia.com/advisories/24290

http://secunia.com/advisories/24287

http://secunia.com/advisories/24238

http://secunia.com/advisories/24205

http://rhn.redhat.com/errata/RHSA-2007-0077.html

Details

Source: Mitre, NVD

Published: 2007-02-26

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5.4

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High