CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
Percentile
83.6%
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before
2.4 do not prevent manual add-on installation in response to the holding of
the Enter key, which allows user-assisted remote attackers to bypass
intended access restrictions via a crafted web site that triggers an
unspecified internal error.