N/A
CVE-2011-3663
Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to capture keystrokes entered on a web page, even when JavaScript is disabled, by using SVG animation accessKey events within that web page.
EPSS
1.0%
percentile 76.6%
Affected tracked apps
Vulnerable CPE configurations
| Vendor | Product | Platform | Versions | CPE 2.3 URI |
|---|---|---|---|---|
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:5.0:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:6.0:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:6.0.1:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:6.0.2:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:7.0:*:*:*:*:*:*:* |
| mozilla | thunderbird | Windows | — | cpe:2.3:a:mozilla:thunderbird:7.0.1:*:*:*:*:*:*:* |