← CVECheck
HomeVulnerabilities

CVE-2004-0779 — HIGH severity vulnerability (The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 we)

The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.

CVE IDCVE-2004-0779
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-08-18
Last modified2026-04-16
DescriptionThe (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →