Back to search
CVE-2011-0067
Published: May 7, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-2228
vendor-advisory
x_refsource_DEBIAN
MDVSA-2011:079
vendor-advisory
x_refsource_MANDRIVA
https://bugzilla.mozilla.org/show_bug.cgi?id=527935
x_refsource_CONFIRM
http://www.mozilla.org/security/announce/2011/mfsa2011-14.html
x_refsource_CONFIRM
DSA-2235
vendor-advisory
x_refsource_DEBIAN
oval:org.mitre.oval:def:14523
vdb-entry
signature
x_refsource_OVAL
DSA-2227
vendor-advisory
x_refsource_DEBIAN
http://downloads.avaya.com/css/P8/documents/100144158
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now