Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16201
HistoryFeb 27, 2007 - 12:00 a.m.

Mozilla Foundation Security Advisory 2007-03

2007-02-2700:00:00
vulners.com
24

Mozilla Foundation Security Advisory 2007-03
Title: Information disclosure through cache collisions
Impact: Moderate
Announced: February 23, 2007
Reporter: Aad
Products: Firefox, SeaMonkey

Fixed in: Firefox 2.0.0.2
Firefox 1.5.0.10
SeaMonkey 1.0.8
Description
Aad reported that two web pages can collide in the disk cache with the result that depending on order loaded the end of the longer document can be appended to the shorter when the shorter is reloaded from the cache. It is possible a determined hacker could construct a targeted attack to steal some sensitive data from a particular web page (for example, transaction history from a financial account). The potential victim would have to be already logged into the targeted service (or be fooled into doing so) and then visit the malicious site.

We have not calculated how much effort would be required to compute a colliding URL on a different host from the target page.
Workaround
Temporarily set the disk cache size to zero (0) in the preferences until you can upgrade to a fixed version.
References
CVE-2007-0778
https://bugzilla.mozilla.org/show_bug.cgi?id=347852