CVE-2010-1125
Last modified
CVE-2010-1125 is a vulnerability of currently unknown severity. The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.. EPSS estimates a 2.00% chance of exploitation in the next 30 days.
Description
The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, allows remote attackers to send selected keystrokes to a form field in a hidden frame, instead of the intended form field in a visible frame, via certain calls to the focus method.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Mozilla | Firefox | 3.0 |
| Mozilla | Firefox | 3.0.1 |
| Mozilla | Firefox | 3.0.2 |
| Mozilla | Firefox | 3.0.3 |
| Mozilla | Firefox | 3.0.4 |
| Mozilla | Firefox | 3.0.5 |
| Mozilla | Firefox | 3.0.7 |
| Mozilla | Firefox | 3.0.8 |
| Mozilla | Firefox | 3.0.9 |
| Mozilla | Firefox | 3.0.10 |
| Mozilla | Firefox | 3.0.11 |
| Mozilla | Firefox | 3.0.12 |
| Mozilla | Firefox | 3.0.13 |
| Mozilla | Firefox | 3.0.14 |
| Mozilla | Firefox | 3.0.15 |
| Mozilla | Firefox | 3.5 |
| Mozilla | Firefox | 3.5.1 |
| Mozilla | Firefox | 3.5.2 |
| Mozilla | Firefox | 3.5.3 |
| Mozilla | Firefox | 3.5.4 |
| Mozilla | Firefox | 3.5.5 |
| Mozilla | Firefox | 3.5.6 |
| Mozilla | Firefox | 3.5.7 |
| Mozilla | Firefox | 3.5.9 |
| Mozilla | Firefox | 3.6 |
| Mozilla | Firefox | 3.6.2 |
| Mozilla | Firefox | 3.6.1 |
| Mozilla | Firefox | 3.6.3 |
| Mozilla | Seamonkey | <= 2.0.4 |
| Mozilla | Seamonkey | 1.0 |
| Mozilla | Seamonkey | 1.0.1 |
| Mozilla | Seamonkey | 1.0.2 |
| Mozilla | Seamonkey | 1.0.3 |
| Mozilla | Seamonkey | 1.0.4 |
| Mozilla | Seamonkey | 1.0.5 |
| Mozilla | Seamonkey | 1.0.6 |
| Mozilla | Seamonkey | 1.0.7 |
| Mozilla | Seamonkey | 1.0.8 |
| Mozilla | Seamonkey | 1.0.9 |
| Mozilla | Seamonkey | 1.1 |
| Mozilla | Seamonkey | 1.1.1 |
| Mozilla | Seamonkey | 1.1.2 |
| Mozilla | Seamonkey | 1.1.3 |
| Mozilla | Seamonkey | 1.1.4 |
| Mozilla | Seamonkey | 1.1.5 |
| Mozilla | Seamonkey | 1.1.6 |
| Mozilla | Seamonkey | 1.1.7 |
| Mozilla | Seamonkey | 1.1.8 |
| Mozilla | Seamonkey | 1.1.9 |
| Mozilla | Seamonkey | 1.1.10 |
Showing 50 of 65 affected configurations. See NVD for the full list.
References
- http://secunia.com/advisories/40326Vendor Advisory
- http://secunia.com/advisories/40401Vendor Advisory
- http://secunia.com/advisories/40481Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1551Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1557Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1640Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1773Vendor Advisory
- http://secunia.com/advisories/40326Vendor Advisory
- http://secunia.com/advisories/40401Vendor Advisory
- http://secunia.com/advisories/40481Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1551Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1557Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1640Vendor Advisory
- http://www.vupen.com/english/advisories/2010/1773Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2010-1125?
How severe is CVE-2010-1125?
How do I fix CVE-2010-1125?
Are you affected by CVE-2010-1125?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST