Form Autocompletion Vulnerability in Mozilla Firefox and SeaMonkey

Form Autocompletion Vulnerability in Mozilla Firefox and SeaMonkey

CVE-2011-0067 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.

Learn more about our Web Application Penetration Testing UK.