Lucene search

K
ubuntucveUbuntu.comUB:CVE-2010-1125
HistoryMar 26, 2010 - 12:00 a.m.

CVE-2010-1125

2010-03-2600:00:00
ubuntu.com
ubuntu.com
5

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and
3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to
send selected keystrokes to a form field in a hidden frame, instead of the
intended form field in a visible frame, via certain calls to the focus
method.

Notes

Author Note
jdstrand CVEs in Firefox are tracked in the xulrunner source packages. The mapping of xulrunner sources to firefox is: xulrunner (1.8.0): firefox (1.5) - Ubuntu 6.06 LTS xulrunner (1.8.1): firefox (2.0) - Ubuntu 6.10 - 8.04 LTS xulrunner-1.9: firefox-3.0 xulrunner-1.9.1: firefox-3.5 Ubuntu 6.06 LTS and 10.04 LTS uses the embedded xulrunner and not the system xulrunner-1.9.2, so it is tracked in the firefox source package.
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchfirefox< 3.6.6+nobinonly-0ubuntu0.10.04.1UNKNOWN
ubuntu8.04noarchxulrunner-1.9.2< 1.9.2.6+nobinonly-0ubuntu0.8.04.1UNKNOWN
ubuntu9.04noarchxulrunner-1.9.2< 1.9.2.7+build2+nobinonly-0ubuntu0.9.04.2UNKNOWN
ubuntu9.10noarchxulrunner-1.9.2< 1.9.2.7+build2+nobinonly-0ubuntu0.9.10.2UNKNOWN
ubuntu10.04noarchxulrunner-1.9.2< 1.9.2.6+nobinonly-0ubuntu0.10.04.1UNKNOWN

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.006 Low

EPSS

Percentile

78.3%

Related for UB:CVE-2010-1125