Lucene search
MitreCVE-2011-3866HistorySep 29, 2011 - 12:55 a.m.
CVE-2011-3866
2011-09-2900:55:03
CWE-264
mitre
web.nvd.nist.gov
40
mozilla
firefox
seamonkey
cve-2011-3866
vulnerability
motion data
javascript
keystrokes
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
64.5%
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion data events, which makes it easier for remote attackers to read keystrokes by leveraging JavaScript code running in a background tab.
Affected configurations
Node
mozillafirefoxRange≤7.0
Node
mozillaseamonkeyRange<2.4
Related
ubuntucve
ubuntucve
CVE-2011-3866
2011-09-29 00:00:00
prion
prion
Code injection
2011-09-29 00:55:00
nvd
nvd
CVE-2011-3866
2011-09-29 00:55:03
cvelist
cvelist
CVE-2011-3866
2011-09-29 00:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities - (MAC OS X)
2011-10-14 00:00:00
Mozilla Products Multiple Vulnerabilities - 01 - (Oct 2011) - Windows
2011-10-04 00:00:00
Mozilla Products Multiple Vulnerabilities - Oct 2011 (Windows 01)
2011-10-04 00:00:00
nessus
nessus
GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
2013-01-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
9.1
Confidence
High
EPSS
0.002
Percentile
64.5%
Related for CVE-2011-3866