1. Home
  2. Vulnerabilities
  3. CVE-2007-3656

CVE-2007-3656

CVSS v2.0 6.8 (Medium)
68% Progress
EPSS 92.09 % (99th)
92.09% Progress
Affected Products 1
Advisories 11
Info CVSS EPSS CAPEC Affected Configurations References Security Advisories Packages & Software Tools, Exploits & PoC Graph Web & Social Timeline

Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further attack vectors via (1) HTTP 302 redirect controls, (2) XMLHttpRequest, or (3) view-source URIs.

Weaknesses
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2007-07-10 19:30:00
(17 years ago)
Updated Date
2018-10-15 21:29:37
(6 years ago)

Affected Products

Mozilla

Configuration #1

    CPE23 From Up To
  Mozilla Firefox 1.0 cpe:2.3:a:mozilla:firefox:1.0
  Mozilla Firefox 1.0.1 cpe:2.3:a:mozilla:firefox:1.0.1
  Mozilla Firefox 1.0.2 cpe:2.3:a:mozilla:firefox:1.0.2
  Mozilla Firefox 1.0.3 cpe:2.3:a:mozilla:firefox:1.0.3
  Mozilla Firefox 1.0.4 cpe:2.3:a:mozilla:firefox:1.0.4
  Mozilla Firefox 1.0.5 cpe:2.3:a:mozilla:firefox:1.0.5
  Mozilla Firefox 1.0.6 cpe:2.3:a:mozilla:firefox:1.0.6
  Mozilla Firefox 1.0.7 cpe:2.3:a:mozilla:firefox:1.0.7
  Mozilla Firefox 1.0.8 cpe:2.3:a:mozilla:firefox:1.0.8
  Mozilla Firefox 1.5 cpe:2.3:a:mozilla:firefox:1.5
  Mozilla Firefox 1.5.0.1 cpe:2.3:a:mozilla:firefox:1.5.0.1
  Mozilla Firefox 1.5.0.2 cpe:2.3:a:mozilla:firefox:1.5.0.2
  Mozilla Firefox 1.5.0.3 cpe:2.3:a:mozilla:firefox:1.5.0.3
  Mozilla Firefox 1.5.0.4 cpe:2.3:a:mozilla:firefox:1.5.0.4
  Mozilla Firefox 1.5.0.5 cpe:2.3:a:mozilla:firefox:1.5.0.5
  Mozilla Firefox 1.5.0.6 cpe:2.3:a:mozilla:firefox:1.5.0.6
  Mozilla Firefox 1.5.0.7 cpe:2.3:a:mozilla:firefox:1.5.0.7
  Mozilla Firefox 1.5.0.8 cpe:2.3:a:mozilla:firefox:1.5.0.8
  Mozilla Firefox 1.5.0.9 cpe:2.3:a:mozilla:firefox:1.5.0.9
  Mozilla Firefox 1.5.0.10 cpe:2.3:a:mozilla:firefox:1.5.0.10
  Mozilla Firefox 1.5.0.11 cpe:2.3:a:mozilla:firefox:1.5.0.11
  Mozilla Firefox 1.5.0.12 cpe:2.3:a:mozilla:firefox:1.5.0.12
  Mozilla Firefox 1.5.1 cpe:2.3:a:mozilla:firefox:1.5.1
  Mozilla Firefox 1.5.2 cpe:2.3:a:mozilla:firefox:1.5.2
  Mozilla Firefox 1.5.3 cpe:2.3:a:mozilla:firefox:1.5.3
  Mozilla Firefox 1.5.4 cpe:2.3:a:mozilla:firefox:1.5.4
  Mozilla Firefox 1.5.5 cpe:2.3:a:mozilla:firefox:1.5.5
  Mozilla Firefox 1.5.6 cpe:2.3:a:mozilla:firefox:1.5.6
  Mozilla Firefox 1.5.7 cpe:2.3:a:mozilla:firefox:1.5.7
  Mozilla Firefox 1.5.8 cpe:2.3:a:mozilla:firefox:1.5.8
  Mozilla Firefox 1.8 cpe:2.3:a:mozilla:firefox:1.8