CVE-2007-3656
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.
Mozilla Firefox versiones anteriores a 1.8.0.13 y 1.8.1.x versiones anteriores a 1.8.1.5 no realiza comprobaciones de seguridad de zona cuando procesa un wyciwyg URI, lo cual permite a atacantes remotos obtener información confidencial, envenenar la caché de navegador, y posiblemente habilitar posteriores vectores de ataque mediante (1) controles de redirección HTTP 302, (2) XMLHttpRequest, ó (3) URIs de ver-código-fuente.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-07-10 CVE Reserved
- 2007-07-10 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-10-13 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (47)
URL | Date | SRC |
---|---|---|
http://lcamtuf.coredump.cx/ffcache | 2024-08-07 | |
https://bugzilla.mozilla.org/show_bug.cgi?id=387333 | 2024-08-07 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0 Search vendor "Mozilla" for product "Firefox" and version "1.0" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.1 Search vendor "Mozilla" for product "Firefox" and version "1.0.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.2 Search vendor "Mozilla" for product "Firefox" and version "1.0.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.3 Search vendor "Mozilla" for product "Firefox" and version "1.0.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.4 Search vendor "Mozilla" for product "Firefox" and version "1.0.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.5 Search vendor "Mozilla" for product "Firefox" and version "1.0.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.6 Search vendor "Mozilla" for product "Firefox" and version "1.0.6" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.7 Search vendor "Mozilla" for product "Firefox" and version "1.0.7" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.0.8 Search vendor "Mozilla" for product "Firefox" and version "1.0.8" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5 Search vendor "Mozilla" for product "Firefox" and version "1.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.1 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.2 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.3 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.4 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.5 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.6 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.6" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.7 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.7" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.8 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.8" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.9 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.9" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.10 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.10" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.11 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.11" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.0.12 Search vendor "Mozilla" for product "Firefox" and version "1.5.0.12" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.1 Search vendor "Mozilla" for product "Firefox" and version "1.5.1" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.2 Search vendor "Mozilla" for product "Firefox" and version "1.5.2" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.3 Search vendor "Mozilla" for product "Firefox" and version "1.5.3" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.4 Search vendor "Mozilla" for product "Firefox" and version "1.5.4" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.5 Search vendor "Mozilla" for product "Firefox" and version "1.5.5" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.6 Search vendor "Mozilla" for product "Firefox" and version "1.5.6" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.7 Search vendor "Mozilla" for product "Firefox" and version "1.5.7" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.5.8 Search vendor "Mozilla" for product "Firefox" and version "1.5.8" | - |
Affected
| ||||||
Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | 1.8 Search vendor "Mozilla" for product "Firefox" and version "1.8" | - |
Affected
|