Mozilla Foundation Security Advisory 2011-14

2011-05-01T00:00:00
ID SECURITYVULNS:DOC:26239
Type securityvulns
Reporter Securityvulns
Modified 2011-05-01T00:00:00

Description

Mozilla Foundation Security Advisory 2011-14

Title: Information stealing via form history Impact: Moderate Announced: April 28, 2011 Reporter: Paul Stone Products: Firefox, SeaMonkey

Fixed in: Firefox 3.6.17 Firefox 3.5.19 SeaMonkey 2.0.14 Description

Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history.

Firefox 4 was not affected by this issue. References

https://bugzilla.mozilla.org/show_bug.cgi?id=527935
CVE-2011-0067