Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2007-1362 — Improper Input Validation in Mozilla Firefox
Severity
4.3MEDIUMNVD
EPSS
45.9%
top 2.36%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedJun 1
Latest updateMay 1
Description
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter within cookie path or name values, which could trigger a misinterpretation of cookie data, aka "Path Abuse in Cookies."
CVSS vector
AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9
Affected Packages2 packages
Patches
🔴Vulnerability Details
1💥Exploits & PoCs
1📋Vendor Advisories
2💬Community
7Bugzilla▶
CVE-2007-1362 Miltiple Thunderbird flaws (CVE-2007-1558, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2871)↗2007-06-18
Bugzilla▶
CVE-2007-1362 Miltiple Thunderbird flaws (CVE-2007-1558, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2871)↗2007-05-31
Bugzilla▶
CVE-2007-1362 Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)↗2007-05-31
Bugzilla▶
CVE-2007-1362 Miltiple Seamonkey flaws (CVE-2007-1562, CVE-2007-1558, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)↗2007-05-31
Bugzilla▶
CVE-2007-1362 Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)↗2007-05-29