FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2007-0778

This CVE name corresponds to:

Entered Topic
2007-02-24 mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2007-0778
Phase Assigned(20070206)

Description

The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.

References

Source Reference
BUGTRAQ 20070226 rPSA-2007-0040-1 firefox
BUGTRAQ 20070303 rPSA-2007-0040-3 firefox thunderbird
CONFIRM http://www.mozilla.org/security/announce/2007/mfsa2007-03.html
MISC https://bugzilla.mozilla.org/show_bug.cgi?id=347852
CONFIRM https://issues.rpath.com/browse/RPL-1081
CONFIRM https://issues.rpath.com/browse/RPL-1103
DEBIAN DSA-1336
FEDORA FEDORA-2007-281
FEDORA FEDORA-2007-293
GENTOO GLSA-200703-04
GENTOO GLSA-200703-08
HP HPSBUX02153
HP SSRT061181
MANDRIVA MDKSA-2007:050
REDHAT RHSA-2007:0079
REDHAT RHSA-2007:0077
REDHAT RHSA-2007:0078
REDHAT RHSA-2007:0097
REDHAT RHSA-2007:0108
SGI 20070301-01-P
SGI 20070202-01-P
SLACKWARE SSA:2007-066-03
SLACKWARE SSA:2007-066-05
SUSE SUSE-SA:2007:019
SUSE SUSE-SA:2007:022
UBUNTU USN-428-1
BID 22694
OVAL oval:org.mitre.oval:def:9151
VUPEN ADV-2007-0718
VUPEN ADV-2008-0083
OSVDB 32110
SECTRACK 1017699
SECUNIA 24238
SECUNIA 24287
SECUNIA 24290
SECUNIA 24205
SECUNIA 24328
SECUNIA 24333
SECUNIA 24343
SECUNIA 24320
SECUNIA 24293
SECUNIA 24393
SECUNIA 24395
SECUNIA 24384
SECUNIA 24437
SECUNIA 24650
SECUNIA 24455
SECUNIA 24457
SECUNIA 24342
SECUNIA 25588
XF mozilla-diskcache-information-disclosure(32671)