Candidate: CVE-2009-3370
PublicDate: 2009-10-29 14:30:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3370
 https://ubuntu.com/security/notices/USN-853-1
Description:
 Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote
 attackers to read form history by forging mouse and keyboard events that
 leverage the auto-fill feature to populate form fields, in an
 attacker-readable form, with history entries.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: 
CVSS: 

Patches_firefox-3.5:
upstream_firefox-3.5: released (3.5.4)
dapper_firefox-3.5: DNE
hardy_firefox-3.5: DNE
intrepid_firefox-3.5: DNE
jaunty_firefox-3.5: released (3.5.4+nobinonly-0ubuntu0.9.04.1)
karmic_firefox-3.5: released (3.5.4+nobinonly-0ubuntu0.9.10.1)
devel_firefox-3.5: not-affected (3.6.3+nobinonly-0ubuntu4)


Patches_xulrunner-1.9.1:
upstream_xulrunner-1.9.1: released (1.9.1.4)
dapper_xulrunner-1.9.1: DNE
hardy_xulrunner-1.9.1: DNE
intrepid_xulrunner-1.9.1: DNE
jaunty_xulrunner-1.9.1: released (1.9.1.4+nobinonly-0ubuntu0.9.04.3)
karmic_xulrunner-1.9.1: released (1.9.1.4+nobinonly-0ubuntu0.9.10.1)
devel_xulrunner-1.9.1: DNE