CVE-2011-2372

Priority
Description
Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0,
and SeaMonkey before 2.4 do not prevent the starting of a download in
response to the holding of the Enter key, which allows user-assisted remote
attackers to bypass intended access restrictions via a crafted web site.
Notes
Package
Upstream:released (3.6.23, 7.0)
Package
Upstream:needs-triage (Ubuntu source uses 3.6.x)
Package
Upstream:needs-triage (Ubuntu source uses 3.6.x)
Package
Upstream:released (2.4)
Package
Upstream:released (3.1.5, 7.0)
Package
Upstream:released (1.9.2.23)
Package
Upstream:needed
More Information

Updated: 2019-12-05 20:57:15 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)