CVE-2011-0067 Information

Description

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17 and SeaMonkey before 2.0.14 does not properly implement autocompletion for forms which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.

Reference

http://downloads.avaya.com/css/P8/documents/100144158 http://www.debian.org/security/2011/dsa-2227 http://www.debian.org/security/2011/dsa-2228 http://www.debian.org/security/2011/dsa-2235 http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 http://www.mozilla.org/security/announce/2011/mfsa2011-14.html https://bugzilla.mozilla.org/show_bug.cgi?id=527935 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14523