1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
PublicDate: 2007-05-31
Candidate: CVE-2007-1362
References:
http://www.ubuntu.com/usn/usn-468-1
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362
Description:
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey
1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via
(1) a large cookie path parameter, which triggers memory consumption, or
(2) an internal delimiter within cookie path or name values, which could
trigger a misinterpretation of cookie data, aka "Path Abuse in Cookies."
Ubuntu-Description:
Notes:
Bugs:
dapper_midbrowser: DNE
edgy_midbrowser: DNE
feisty_midbrowser: DNE
devel_midbrowser: released (0.1.6b-0ubuntu2)
dapper_lightning-sunbird: DNE
edgy_lightning-sunbird: DNE
feisty_lightning-sunbird: DNE
devel_lightning-sunbird: released (0.5-0ubuntu4)
dapper_firefox: released (1.5.dfsg+1.5.0.13~prepatch070731-0ubuntu1)
edgy_firefox: released (2.0.0.6+0dfsg-0ubuntu0.6.10)
feisty_firefox: released (2.0.0.6+1-0ubuntu1)
devel_firefox: not-affected
dapper_iceape: DNE
edgy_iceape: DNE
feisty_iceape: DNE
devel_iceape: released (1.1.4-1ubuntu2)
upstream_firefox:
upstream_iceape:
upstream_lightning-sunbird:
upstream_midbrowser:
|