1. Home
  2. Vulnerabilities
  3. CVE-2007-1362

CVE-2007-1362

CVSS v2.0 4.3 (Medium)
43% Progress
EPSS 28.37 % (97th)
28.37% Progress
Affected Products 2
Advisories 9
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter within cookie path or name values, which could trigger a misinterpretation of cookie data, aka "Path Abuse in Cookies."

Weaknesses
CWE-20
Improper Input Validation
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2007-06-01 00:30:00
(17 years ago)
Updated Date
2018-10-16 16:38:18
(6 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 1.5.0.1 cpe:2.3:a:mozilla:firefox:1.5.0.1
  Mozilla Firefox 1.5.0.2 cpe:2.3:a:mozilla:firefox:1.5.0.2
  Mozilla Firefox 1.5.0.3 cpe:2.3:a:mozilla:firefox:1.5.0.3
  Mozilla Firefox 1.5.0.4 cpe:2.3:a:mozilla:firefox:1.5.0.4
  Mozilla Firefox 1.5.0.5 cpe:2.3:a:mozilla:firefox:1.5.0.5
  Mozilla Firefox 1.5.0.6 cpe:2.3:a:mozilla:firefox:1.5.0.6
  Mozilla Firefox 1.5.0.7 cpe:2.3:a:mozilla:firefox:1.5.0.7
  Mozilla Firefox 1.5.0.8 cpe:2.3:a:mozilla:firefox:1.5.0.8
  Mozilla Firefox 1.5.0.9 cpe:2.3:a:mozilla:firefox:1.5.0.9
  Mozilla Firefox 1.5.0.10 cpe:2.3:a:mozilla:firefox:1.5.0.10
  Mozilla Firefox 1.5.0.11 cpe:2.3:a:mozilla:firefox:1.5.0.11
  Mozilla Firefox 1.5.1 cpe:2.3:a:mozilla:firefox:1.5.1
  Mozilla Firefox 1.5.2 cpe:2.3:a:mozilla:firefox:1.5.2
  Mozilla Firefox 1.5.3 cpe:2.3:a:mozilla:firefox:1.5.3
  Mozilla Firefox 1.5.4 cpe:2.3:a:mozilla:firefox:1.5.4
  Mozilla Firefox 1.5.5 cpe:2.3:a:mozilla:firefox:1.5.5
  Mozilla Firefox 1.5.6 cpe:2.3:a:mozilla:firefox:1.5.6
  Mozilla Firefox 1.5.7 cpe:2.3:a:mozilla:firefox:1.5.7
  Mozilla Firefox 1.5.8 cpe:2.3:a:mozilla:firefox:1.5.8
  Mozilla Firefox 2.0 cpe:2.3:a:mozilla:firefox:2.0
  Mozilla Firefox 2.0.0.1 cpe:2.3:a:mozilla:firefox:2.0.0.1
  Mozilla Firefox 2.0.0.2 cpe:2.3:a:mozilla:firefox:2.0.0.2
  Mozilla Firefox 2.0.0.3 cpe:2.3:a:mozilla:firefox:2.0.0.3
  Mozilla Seamonkey 1.0.9 cpe:2.3:a:mozilla:seamonkey:1.0.9
  Mozilla Seamonkey 1.1.2 cpe:2.3:a:mozilla:seamonkey:1.1.2