CVE-2004-2657 — Mozilla Firefox vulnerability

3 documents3 sources

Severity

1.7LOWNVD

EPSS

0.1%

top 65.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Debian Firefox

Timeline

PublishedDec 31

Latest updateApr 29

Description

Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner de…

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.1 | Impact: 2.9

Affected Packages2 packages

▶NVDmozilla/firefox1.5.0.1

▶debiandebian/firefox

🔴Vulnerability Details

GHSA

GHSA-qgjc-6844-xqv9: ** DISPUTED ** Mozilla Firefox 1↗2022-04-29

▶

📋Vendor Advisories

Debian

CVE-2004-2657: firefox - Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of ...↗2004

▶