|
|
CVE Reference: CVE-2004-0779 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-0779 |
|
|
Description: The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/17018 MANDRAKE http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:082 CONFIRM http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7 http://bugzilla.mozilla.org/show_bug.cgi?id=226278 |
|
| Return to the previous page. |
