FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2011-3663

This CVE name corresponds to:

Entered Topic
2011-12-21 mozilla -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2011-3663 at cve.mitre.org

Details

Type Candidate
Name CVE-2011-3663
Phase Assigned(20110923)

Description

Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.

References

Source Reference
CONFIRM http://www.mozilla.org/security/announce/2011/mfsa2011-56.html
CONFIRM https://bugzilla.mozilla.org/show_bug.cgi?id=704482
MANDRIVA MDVSA-2011:192
SUSE openSUSE-SU-2012:0007
SUSE openSUSE-SU-2012:0039
OSVDB 77954
OVAL oval:org.mitre.oval:def:14739
SECTRACK 1026445
SECTRACK 1026446
SECTRACK 1026447
SECUNIA 47302
SECUNIA 47334
SECUNIA 49055
XF firefox-svg-animation-info-disc(71911)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.