CVE-2007-0778

The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.
References
Link Resource
http://www.mozilla.org/security/announce/2007/mfsa2007-03.html Patch Vendor Advisory
https://bugzilla.mozilla.org/show_bug.cgi?id=347852 Issue Tracking
https://issues.rpath.com/browse/RPL-1081 Broken Link
https://issues.rpath.com/browse/RPL-1103 Broken Link
http://fedoranews.org/cms/node/2713 Broken Link
http://fedoranews.org/cms/node/2728 Broken Link
http://security.gentoo.org/glsa/glsa-200703-04.xml Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200703-08.xml Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0079.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2007-0077.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0078.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0097.html Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2007-0108.html Third Party Advisory
http://lists.suse.com/archive/suse-security-announce/2007-Mar/0001.html Broken Link
http://www.ubuntu.com/usn/usn-428-1 Third Party Advisory
http://www.securityfocus.com/bid/22694 Third Party Advisory VDB Entry
http://www.osvdb.org/32110 Broken Link
http://securitytracker.com/id?1017699 Third Party Advisory VDB Entry
http://secunia.com/advisories/24238 Third Party Advisory
http://secunia.com/advisories/24287 Third Party Advisory
http://secunia.com/advisories/24290 Third Party Advisory
http://secunia.com/advisories/24205 Third Party Advisory
http://secunia.com/advisories/24328 Third Party Advisory
http://secunia.com/advisories/24333 Third Party Advisory
http://secunia.com/advisories/24343 Third Party Advisory
http://secunia.com/advisories/24320 Third Party Advisory
http://secunia.com/advisories/24293 Third Party Advisory
http://secunia.com/advisories/24393 Third Party Advisory
http://secunia.com/advisories/24395 Third Party Advisory
http://secunia.com/advisories/24384 Third Party Advisory
http://secunia.com/advisories/24437 Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc Broken Link
http://secunia.com/advisories/24650 Third Party Advisory
http://www.debian.org/security/2007/dsa-1336 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:050 Third Party Advisory
ftp://patches.sgi.com/support/free/security/advisories/20070202-01-P.asc Broken Link
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.374851 Mailing List Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.338131 Mailing List Third Party Advisory
http://www.novell.com/linux/security/advisories/2007_22_mozilla.html Broken Link
http://secunia.com/advisories/24455 Third Party Advisory
http://secunia.com/advisories/24457 Third Party Advisory
http://secunia.com/advisories/24342 Third Party Advisory
http://secunia.com/advisories/25588 Third Party Advisory
http://www.vupen.com/english/advisories/2007/0718 Third Party Advisory
http://www.vupen.com/english/advisories/2008/0083 Third Party Advisory
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/32671 VDB Entry Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9151 Broken Link
http://www.securityfocus.com/archive/1/461809/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/461336/100/0/threaded Third Party Advisory VDB Entry
Configurations

Configuration 1

cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:seamonkey:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Information

Published : 2007-02-26 08:28

Updated : 2019-10-09 10:52


NVD link : CVE-2007-0778

Mitre link : CVE-2007-0778

Products Affected
No products.
CWE