CVE Vulnerabilities

CVE-2011-2372

Published: Sep 29, 2011 | Modified: Sep 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.5 LOW
AV:N/AC:M/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.

Affected Software

Name Vendor Start Version End Version
Firefox Mozilla 3.6.2 3.6.2
Firefox Mozilla 3.6.3 3.6.3
Firefox Mozilla 3.6.15 3.6.15
Firefox Mozilla 3.6.17 3.6.17
Firefox Mozilla 3.6.11 3.6.11
Firefox Mozilla 3.6.8 3.6.8
Firefox Mozilla 3.6.9 3.6.9
Firefox Mozilla 3.6.14 3.6.14
Firefox Mozilla 3.6.12 3.6.12
Firefox Mozilla * 3.6.22
Firefox Mozilla 3.6.6 3.6.6
Firefox Mozilla 3.6.21 3.6.21
Firefox Mozilla 3.6.16 3.6.16
Firefox Mozilla 3.6.10 3.6.10
Firefox Mozilla 3.6.19 3.6.19
Firefox Mozilla 3.6.7 3.6.7
Firefox Mozilla 3.6.4 3.6.4
Firefox Mozilla 3.6.18 3.6.18
Firefox Mozilla 3.6.20 3.6.20
Firefox Mozilla 3.6 3.6
Firefox Mozilla 3.6.13 3.6.13

References