4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.4%
Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before
2.4 do not prevent manual add-on installation in response to the holding of
the Enter key, which allows user-assisted remote attackers to bypass
intended access restrictions via a crafted web site that triggers an
unspecified internal error.