What is the severity of CVE-2004-2657?

The severity of CVE-2004-2657 is low.

Is CVE-2004-2657 affecting all versions of Mozilla Firefox?

CVE-2004-2657 specifically affects version 1.5.0.1 of Mozilla Firefox, but it may also affect other versions.

How can local users view the preserved records after reinstalling Firefox?

Local users who share a Windows profile can view the preserved records by performing a new installation of Firefox.

Are there any official references for CVE-2004-2657?

Yes, official references for CVE-2004-2657 include Bugzilla reports: https://bugzilla.mozilla.org/show_bug.cgi?id=234680 and https://bugzilla.mozilla.org/show_bug.cgi?id=330884, as well as a SecurityFocus archive: http://www.securityfocus.com/archive/1/431063/100/0/threaded.

Vulnerability/
CVE-2004-2657

low

1.7

CWE

NVD-CWE-Other

31/12/2004

20/4/2006

8/8/2024

CVE-2004-2657

First published: Fri Dec 31 2004(Updated: )

** DISPUTED ** Mozilla Firefox 1.5.0.1, and possibly other versions, preserves some records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox, as reported for the list of Passwords Never Saved web sites. NOTE: The vendor has disputed this issue, stating that "The uninstaller is primarily there to uninstall the application. It is not there to uninstall user data. For the moment I will stick by my module-owner decision."

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Mozilla Firefox	=1.5.0.1
	=1.5.0.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2004-2657?
The severity of CVE-2004-2657 is low.
How does Mozilla Firefox 1.5.0.1 preserve records of user activity?
Mozilla Firefox 1.5.0.1 preserves records of user activity even after uninstalling, which allows local users who share a Windows profile to view the records after a new installation of Firefox.
Is CVE-2004-2657 affecting all versions of Mozilla Firefox?
CVE-2004-2657 specifically affects version 1.5.0.1 of Mozilla Firefox, but it may also affect other versions.
How can local users view the preserved records after reinstalling Firefox?
Local users who share a Windows profile can view the preserved records by performing a new installation of Firefox.
Are there any official references for CVE-2004-2657?
Yes, official references for CVE-2004-2657 include Bugzilla reports: https://bugzilla.mozilla.org/show_bug.cgi?id=234680 and https://bugzilla.mozilla.org/show_bug.cgi?id=330884, as well as a SecurityFocus archive: http://www.securityfocus.com/archive/1/431063/100/0/threaded.

agent/references
agent/author
agent/type
agent/first-publish-date
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
agent/severity
agent/weakness
agent/status
agent/description
agent/softwarecombine
agent/event
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/last-modified-date
collector/mitre-cve
source/MITRE
vendor/mozilla
canonical/mozilla firefox
version/mozilla firefox/1.5.0.1
status/disputed

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.