Back to search
CVE-2011-3663
Published: Dec 21, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MDVSA-2011:192
vendor-advisory
x_refsource_MANDRIVA
47334
third-party-advisory
x_refsource_SECUNIA
1026447
vdb-entry
x_refsource_SECTRACK
1026446
vdb-entry
x_refsource_SECTRACK
https://bugzilla.mozilla.org/show_bug.cgi?id=704482
x_refsource_CONFIRM
49055
third-party-advisory
x_refsource_SECUNIA
1026445
vdb-entry
x_refsource_SECTRACK
http://www.mozilla.org/security/announce/2011/mfsa2011-56.html
x_refsource_CONFIRM
firefox-svg-animation-info-disc(71911)
vdb-entry
x_refsource_XF
oval:org.mitre.oval:def:14739
vdb-entry
signature
x_refsource_OVAL
47302
third-party-advisory
x_refsource_SECUNIA
77954
vdb-entry
x_refsource_OSVDB
openSUSE-SU-2012:0039
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2012:0007
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now