CVE-2011-0067
Publication date 4 May 2011
Last updated 26 May 2025
Ubuntu priority
Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly implement autocompletion for forms, which allows remote attackers to read form history entries via a Java applet that spoofs interaction with the autocomplete controls.
Status
Package | Ubuntu Release | Status |
---|---|---|
firefox | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Not affected
|
|
10.10 maverick |
Fixed 3.6.17+build3+nobinonly-0ubuntu0.10.10.1
|
|
10.04 LTS lucid |
Fixed 3.6.17+build3+nobinonly-0ubuntu0.10.04.1
|
|
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Ignored end of life | |
firefox-3.0 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid | Not in release | |
8.04 LTS hardy |
Fixed 3.6.17+build3+nobinonly-0ubuntu0.8.04.1
|
|
6.06 LTS dapper | Not in release | |
firefox-3.5 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
11.04 natty | Not in release | |
10.10 maverick | Not in release | |
10.04 LTS lucid | Not in release | |
9.10 karmic |
Fixed 3.6.17+build3+nobinonly-0ubuntu0.9.10.1
|
|
8.04 LTS hardy | Not in release | |
6.06 LTS dapper | Not in release | |
seamonkey | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Ignored end of life | |
11.04 natty | Ignored end of life | |
10.10 maverick | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Not in release | |
thunderbird | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Not affected
|
|
11.04 natty |
Fixed 3.1.10+build1+nobinonly-0ubuntu0.11.04.1
|
|
10.10 maverick |
Fixed 3.1.10+build1+nobinonly-0ubuntu0.10.10.1
|
|
10.04 LTS lucid |
Fixed 3.1.10+build1+nobinonly-0ubuntu0.10.04.1
|
|
8.04 LTS hardy | Ignored end of life | |
6.06 LTS dapper | Not in release | |
xulrunner-1.9.2 | 13.10 saucy | Not in release |
13.04 raring | Not in release | |
12.10 quantal | Not in release | |
12.04 LTS precise | Not in release | |
11.10 oneiric | Not in release | |
11.04 natty |
Fixed 1.9.2.17+build3+nobinonly-0ubuntu1
|
|
10.10 maverick |
Fixed 1.9.2.17+build3+nobinonly-0ubuntu0.10.10.1
|
|
10.04 LTS lucid |
Fixed 1.9.2.17+build3+nobinonly-0ubuntu0.10.04.1
|
|
9.10 karmic |
Fixed 1.9.2.17+build3+nobinonly-0ubuntu0.9.10.1
|
|
8.04 LTS hardy |
Fixed 1.9.2.17+build3+nobinonly-0ubuntu0.8.04.1
|
|
6.06 LTS dapper | Not in release |
References
Related Ubuntu Security Notices (USN)
- USN-1123-1
- Xulrunner vulnerabilities
- 30 April 2011
- USN-1112-1
- Firefox and Xulrunner vulnerabilities
- 29 April 2011
- USN-1122-1
- Thunderbird vulnerabilities
- 5 May 2011
- USN-1122-2
- Thunderbird vulnerabilities
- 5 May 2011