Описание
The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:firebirdsql:firebird:0.7:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:0.8:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:mozilla:1.6:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00786
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 21 год назад
The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers ...
github
около 3 лет назад
The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.
EPSS
Процентиль: 73%
0.00786
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other