{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3140?format=json","vulnerability_id":"VCID-ffnp-4cx7-4ucu","summary":"Aad reported that two web pages can collide in the disk cache\nwith the result that depending on order loaded the end of the longer\ndocument can be appended to the shorter when the shorter is reloaded from\nthe cache. It is possible a determined hacker could construct a targeted\nattack to steal some sensitive data from a particular web page (for example,\ntransaction history from a financial account). The potential victim would\nhave to be already logged into the targeted service (or be fooled into doing\nso) and then visit the malicious site.We have not calculated how much effort would be required to compute a colliding\nURL on a different host from the target page.","aliases":[{"alias":"CVE-2007-0778"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1265?format=json","purl":"pkg:mozilla/SeaMonkey@1.0.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:mozilla/SeaMonkey@1.0.8"}],"affected_packages":[],"references":[{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778","reference_id":"CVE-2007-0778","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-03","reference_id":"mfsa2007-03","reference_type":"","scores":[{"value":"none","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2007-03"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffnp-4cx7-4ucu"}