CVE-2011-3866
Priority
Medium
Description
Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly
restrict availability of motion data events, which makes it easier for
remote attackers to read keystrokes by leveraging JavaScript code running
in a background tab.
restrict availability of motion data events, which makes it easier for
remote attackers to read keystrokes by leveraging JavaScript code running
in a background tab.
References
Notes
jdstrand> does not affect firefox 3.6
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | needed |
| Ubuntu 11.10 (Oneiric Ocelot): | ignored (reached end-of-life) |
| Ubuntu 12.04 LTS (Precise Pangolin): | DNE |
| Ubuntu 12.10 (Quantal Quetzal): | DNE |
| Ubuntu 13.04 (Raring Ringtail): | DNE |
| Ubuntu 13.10 (Saucy Salamander): | DNE |
Package
| Upstream: | needs-triage |
| Ubuntu 8.04 LTS (Hardy Heron): | ignored (reached end-of-life) |
| Ubuntu 10.04 LTS (Lucid Lynx): | not-affected |
| Ubuntu 11.10 (Oneiric Ocelot): | not-affected (7.0.1+build1+nobinonly-0ubuntu1) |
| Ubuntu 12.04 LTS (Precise Pangolin): | not-affected (7.0.1+build1+nobinonly-0ubuntu1) |
| Ubuntu 12.10 (Quantal Quetzal): | not-affected (7.0.1+build1+nobinonly-0ubuntu1) |
| Ubuntu 13.04 (Raring Ringtail): | not-affected (7.0.1+build1+nobinonly-0ubuntu1) |
| Ubuntu 13.10 (Saucy Salamander): | not-affected (7.0.1+build1+nobinonly-0ubuntu1) |