Your submission was sent successfully! Close

CVE-2009-3370

Published: 29 October 2009

Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.

Priority

Medium

Status

Package Release Status
firefox-3.5
Launchpad, Ubuntu, Debian
Upstream
Released (3.5.4)
xulrunner-1.9.1
Launchpad, Ubuntu, Debian
Upstream
Released (1.9.1.4)