Lucene search
HistorySep 29, 2011 - 12:55 a.m.
CVE-2011-3866
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
64.5%
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion data events, which makes it easier for remote attackers to read keystrokes by leveraging JavaScript code running in a background tab.
Affected configurations
Node
mozillafirefoxRange≤7.0
Node
mozillaseamonkeyRange<2.4
Related
cve
cve
CVE-2011-3866
2011-09-29 00:55:03
ubuntucve
ubuntucve
CVE-2011-3866
2011-09-29 00:00:00
prion
prion
Code injection
2011-09-29 00:55:00
cvelist
cvelist
CVE-2011-3866
2011-09-29 00:00:00
openvas
openvas
Mozilla Products Multiple Vulnerabilities - (MAC OS X)
2011-10-14 00:00:00
Mozilla Products Multiple Vulnerabilities - 01 - (Oct 2011) - Windows
2011-10-04 00:00:00
Mozilla Products Multiple Vulnerabilities - Oct 2011 (Windows 01)
2011-10-04 00:00:00
nessus
nessus
GLSA-201301-01 : Mozilla Products: Multiple vulnerabilities (BEAST)
2013-01-08 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2013-01-08 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.002
Percentile
64.5%
Related for NVD:CVE-2011-3866