NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2004-2657

Summary	Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner decision.
Publication Date	Dec. 31, 2004, 2 p.m.
Registration Date	Jan. 29, 2021, 6:01 p.m.
Last Update	Aug. 8, 2024, 11:15 a.m.

CVSS2.0 : LOW
Score	1.7
Vector	AV:L/AC:L/Au:S/C:P/I:N/A:N
攻撃元区分(AV)	ローカル
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	単一
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:mozilla:firefox:1.5.0.1:::::::*

Related information, measures and tools

No	URL	refsource	タグ
1	https://bugzilla.mozilla.org/show_bug.cgi?id=234680	MISC
2	https://bugzilla.mozilla.org/show_bug.cgi?id=330884	MISC
3	http://www.securityfocus.com/archive/1/431063/100/0/threaded	BUGTRAQ
4	http://www.securityfocus.com/archive/1/431021/100/0/threaded	BUGTRAQ

Common Vulnerabilities List