CVE-2009-3370 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2009-3370
Status UNKNOWN
Description Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.
Severity Medium
CVSS score 5
CVSS vector (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Phase ASSIGNED (21.08.2010)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3370
References CONFIRM : http://www.mozilla.org/security/announce/2009/mfsa...
CONFIRM : https://bugzilla.mozilla.org/show_bug.cgi?id=511615
MANDRIVA : MDVSA-2009:294
OVAL : oval:org.mitre.oval:def:10836
OVAL : oval:org.mitre.oval:def:6455
SUNALERT : 272909
VUPEN : ADV-2009-3334
SecurityVulns: Mozilla Firefox / Seamonkey multiple security vulnerabilities

test server