Lucene search
MitreCVE-2007-1116HistoryFeb 26, 2007 - 11:28 p.m.
CVE-2007-1116
2007-02-2623:28:00
CWE-200
mitre
web.nvd.nist.gov
37
mozilla
firefox
checkloaduri
information disclosure
vulnerability
nvd
cve-2007-1116
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0.015
Percentile
87.2%
The CheckLoadURI function in Mozilla Firefox 1.8 lists the about: URI as a ChromeProtocol and can be loaded via JavaScript, which allows remote attackers to obtain sensitive information by querying the browser’s session history.
Affected configurations
Node
mozillafirefoxMatch1.8
Related
cvelist
cvelist
CVE-2007-1116
2007-02-26 23:00:00
securityvulns
securityvulns
Mozilla Firefox information leak
2008-02-23 00:00:00
prion
prion
Input validation
2007-02-26 23:28:00
nvd
nvd
CVE-2007-1116
2007-02-26 23:28:00
ubuntucve
ubuntucve
CVE-2007-1116
2007-02-26 00:00:00
osv
osv
xulrunner
2007-06-12 00:00:00
iceweasel - several vulnerabilities
2007-06-14 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1308-1)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1300-1)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1306-1)
2008-01-17 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
5.9
Confidence
Low
EPSS
0.015
Percentile
87.2%
Related for CVE-2007-1116