Mozilla Foundation Security Advisory 2011-14
Title: Information stealing via form history
Impact: Moderate
Announced: April 28, 2011
Reporter: Paul Stone
Products: Firefox, SeaMonkey
Fixed in: Firefox 3.6.17
Firefox 3.5.19
SeaMonkey 2.0.14
Description
Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history.
Firefox 4 was not affected by this issue.
References
https://bugzilla.mozilla.org/show_bug.cgi?id=527935
CVE-2011-0067