Home > Vulnerability Database > CVE-2007-4879

Mend.io Vulnerability Database

CVE-2007-4879

Date: September 13, 2007

Mozilla Firefox before Firefox 2.0.0.13, and SeaMonkey before 1.1.9, can automatically install TLS client certificates with minimal user interaction, and automatically sends these certificates when requested, which makes it easier for remote web sites to track user activities across domains by requesting the TLS client certificates from other domains.

Severity Score

5.3

Related Resources (30)

Url: http://secunia.com/advisories/29560

Url: http://secunia.com/advisories/29541

Url: http://secunia.com/advisories/29539

Url: http://secunia.com/advisories/29616

Url: http://secunia.com/advisories/29558

Url: http://0x90.eu/ff_tls_poc.html

Url: http://sunsolve.sun.com/search/document.do?assetkey=1-26-238492-1

Url: http://www.securityfocus.com/bid/28448

Url: http://www.vupen.com/english/advisories/2008/1793/references

Url: http://www.vupen.com/english/advisories/2008/0998/references

Url: http://www.securitytracker.com/id?1019704

Url: http://secunia.com/advisories/30327

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-4879

Url: http://secunia.com/advisories/30620

Url: http://www.us-cert.gov/cas/techalerts/TA08-087A.html

Url: http://www.debian.org/security/2008/dsa-1535

Url: http://www.debian.org/security/2008/dsa-1534

Url: http://www.securityfocus.com/archive/1/490196/100/0/threaded

Url: http://www.mozilla.org/security/announce/2008/mfsa2008-17.html

Url: http://www.debian.org/security/2008/dsa-1532

Url: http://www.ubuntu.com/usn/usn-592-1

Url: http://www.gentoo.org/security/en/glsa/glsa-200805-18.xml

Url: http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128

Url: http://secunia.com/advisories/29645

Url: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00002.html

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2008:080

Url: http://secunia.com/advisories/29547

Url: http://secunia.com/advisories/29526

Url: https://bugzilla.mozilla.org/show_bug.cgi?id=395399

Url: https://www.mend.io/vulnerability-database/CVE-2007-4879

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2007-4879

Date: September 13, 2007

Severity Score

Related Resources (30)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?