CVE-2011-3866

Priority
Medium
Description
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly
restrict availability of motion data events, which makes it easier for
remote attackers to read keystrokes by leveraging JavaScript code running
in a background tab.
References
Bugs
Notes
 jdstrand> does not affect firefox 3.6
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:needs-triage
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (7.0.1+build1+nobinonly-0ubuntu1)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (7.0.1+build1+nobinonly-0ubuntu1)
More Information

Valid XHTML 1.0 Strict

Updated: 2015-07-29 20:40:06 UTC (commit 9756)