CVE-2007-0778

Name	CVE-2007-0778
Description	The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive information or enable further attack vectors when the target page is reloaded from the cache.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DSA-1336-1

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin
iceape	source	(unstable)	1.0.8-1	low
iceweasel	source	(unstable)	2.0.0.2+dfsg-1	low
mozilla-firefox	source	sarge	1.0.4-2sarge17		DSA-1336-1
xulrunner	source	(unstable)	1.8.0.10-1	low

Notes

MFSA-2007-03
[sarge] - mozilla-firefox <no-dsa> (Mozilla products from Sarge no longer supported)
[sarge] - mozilla <no-dsa> (Mozilla products from Sarge no longer supported)