Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | 3.6 | 3.6 |
Firefox | Mozilla | 3.6.2 | 3.6.2 |
Firefox | Mozilla | 3.6.3 | 3.6.3 |
Firefox | Mozilla | 3.6.4 | 3.6.4 |
Firefox | Mozilla | 3.6.6 | 3.6.6 |
Firefox | Mozilla | 3.6.7 | 3.6.7 |
Firefox | Mozilla | 3.6.8 | 3.6.8 |
Firefox | Mozilla | 3.6.9 | 3.6.9 |
Firefox | Mozilla | 3.6.10 | 3.6.10 |
Firefox | Mozilla | 3.6.11 | 3.6.11 |
Firefox | Mozilla | 3.6.12 | 3.6.12 |
Firefox | Mozilla | 3.6.13 | 3.6.13 |
Firefox | Mozilla | 3.6.14 | 3.6.14 |
Firefox | Mozilla | 3.6.15 | 3.6.15 |
Firefox | Mozilla | 3.6.16 | 3.6.16 |
Firefox | Mozilla | 3.6.17 | 3.6.17 |
Firefox | Mozilla | 3.6.18 | 3.6.18 |
Firefox | Mozilla | 3.6.19 | 3.6.19 |
Firefox | Mozilla | 3.6.20 | 3.6.20 |
Firefox | Mozilla | 3.6.21 | 3.6.21 |
Firefox | Mozilla | * | 3.6.22 |
Red Hat Enterprise Linux 4 | RedHat | firefox-0:3.6.23-1.el4 | * |
Red Hat Enterprise Linux 5 | RedHat | firefox-0:3.6.23-2.el5_7 | * |
Red Hat Enterprise Linux 5 | RedHat | xulrunner-0:1.9.2.23-1.el5_7 | * |
Red Hat Enterprise Linux 6 | RedHat | firefox-0:3.6.23-2.el6_1 | * |
Red Hat Enterprise Linux 6 | RedHat | xulrunner-0:1.9.2.23-1.el6_1.1 | * |
Red Hat Enterprise Linux 6 | RedHat | thunderbird-0:3.1.15-1.el6_1 | * |
Firefox | Ubuntu | hardy | * |
Firefox | Ubuntu | lucid | * |
Firefox | Ubuntu | maverick | * |
Firefox | Ubuntu | natty | * |
Firefox | Ubuntu | upstream | * |
Firefox-3.0 | Ubuntu | hardy | * |
Seamonkey | Ubuntu | hardy | * |
Seamonkey | Ubuntu | lucid | * |
Seamonkey | Ubuntu | maverick | * |
Seamonkey | Ubuntu | natty | * |
Seamonkey | Ubuntu | upstream | * |
Thunderbird | Ubuntu | hardy | * |
Thunderbird | Ubuntu | lucid | * |
Thunderbird | Ubuntu | maverick | * |
Thunderbird | Ubuntu | natty | * |
Thunderbird | Ubuntu | upstream | * |
Xulrunner-1.9.2 | Ubuntu | hardy | * |
Xulrunner-1.9.2 | Ubuntu | lucid | * |
Xulrunner-1.9.2 | Ubuntu | maverick | * |
Xulrunner-1.9.2 | Ubuntu | natty | * |
Xulrunner-1.9.2 | Ubuntu | upstream | * |
Xulrunner-2.0 | Ubuntu | natty | * |
Xulrunner-2.0 | Ubuntu | upstream | * |