CVE-2007-0778

Mozilla Firefox <1.5.0.10 & SeaMonkey <1.0.8 - Info Disclosure

Title source: llm
STIX 2.1

Description

The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.

References (50)

Core 50
Core References
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0078.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24395
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/461336/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24328
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0108.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200703-04.xml
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32671
Third Party Advisory vendor-advisory x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml
Mailing List, Third Party Advisory vendor-advisory x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24384
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24457
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24343
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2007/dsa-1336
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017699
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0718
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24650
Issue Tracking x_refsource_misc
https://bugzilla.mozilla.org/show_bug.cgi?id=347852
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/usn-428-1
Broken Link vdb-entry x_refsource_osvdb
http://www.osvdb.org/32110
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24320
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25588
Broken Link x_refsource_confirm
https://issues.rpath.com/browse/RPL-1103
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0083
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/461809/100/0/threaded
Broken Link vendor-advisory x_refsource_suse
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24293
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24238
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24393
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24342
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24287
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22694
Broken Link vendor-advisory x_refsource_fedora
http://fedoranews.org/cms/node/2713
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0097.html
Broken Link vendor-advisory x_refsource_fedora
http://fedoranews.org/cms/node/2728
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24205
Broken Link x_refsource_confirm
https://issues.rpath.com/browse/RPL-1081
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24333
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24290
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24455
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2007-0077.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_slackware
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0079.html
Patch, Vendor Advisory x_refsource_confirm
http://www.mozilla.org/security/announce/2007/mfsa2007-03.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24437

Scores

EPSS 0.0312
EPSS Percentile 86.3%

Details

CWE
CWE-200
Status published
Products (6)
canonical/ubuntu_linux 5.10
canonical/ubuntu_linux 6.06
canonical/ubuntu_linux 6.10
debian/debian_linux 3.1
mozilla/firefox 1.5 - 1.5.0.10
mozilla/seamonkey < 1.0.8
Published Feb 26, 2007
Tracked Since Feb 18, 2026