CVE-2015-7208 — Sensitive Information Exposure in Mozilla Firefox
Severity
5.3MEDIUMNVD
NVD5.0OSV10.0OSV5.0
EPSS
0.6%
top 29.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 16
Latest updateMay 14
Description
Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers.
CVSS vector
AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9
Affected Packages4 packages
Also affects: Fedora 22, 23
🔴Vulnerability Details
5📋Vendor Advisories
3💬Community
1Bugzilla▶
CVE-2015-7208 Mozilla: Firefox allows for control characters to be set in cookies (MFSA 2015-137)↗2015-12-15