CVE-2009-3370

Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
VendorProductVersion
mozillafirefox
3.0
mozillafirefox
3.0:alpha
mozillafirefox
3.0:beta2
mozillafirefox
3.0:beta5
mozillafirefox
3.0.1
mozillafirefox
3.0.2
mozillafirefox
3.0.3
mozillafirefox
3.0.4
mozillafirefox
3.0.5
mozillafirefox
3.0.6
mozillafirefox
3.0.7
mozillafirefox
3.0.8
mozillafirefox
3.0.9
mozillafirefox
3.0.10
mozillafirefox
3.0.11
mozillafirefox
3.0.12
mozillafirefox
3.0.13
mozillafirefox
3.0.14
mozillafirefox
3.5.1
mozillafirefox
3.5.2
mozillafirefox
3.5.3
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox-3.5
karmic
Fixed 3.5.4+nobinonly-0ubuntu0.9.10.1
released
jaunty
Fixed 3.5.4+nobinonly-0ubuntu0.9.04.1
released
intrepid
dne
hardy
dne
dapper
dne
xulrunner-1.9.1
karmic
Fixed 1.9.1.4+nobinonly-0ubuntu0.9.10.1
released
jaunty
Fixed 1.9.1.4+nobinonly-0ubuntu0.9.04.3
released
intrepid
dne
hardy
dne
dapper
dne
References
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mozilla.org/security/announce/2009/mfsa2009-52.html
http://www.vupen.com/english/advisories/2009/3334
https://bugzilla.mozilla.org/show_bug.cgi?id=511615
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10836
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6455
http://sunsolve.sun.com/search/document.do?assetkey=1-26-272909-1
http://www.mandriva.com/security/advisories?name=MDVSA-2009:294
http://www.mozilla.org/security/announce/2009/mfsa2009-52.html
http://www.vupen.com/english/advisories/2009/3334
https://bugzilla.mozilla.org/show_bug.cgi?id=511615
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10836
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6455