The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets (CSS) token sequences, which makes it easier for remote attackers to obtain sensitive information about visited web pages via a timing attack.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact None
Availability Impact None
AV:N/AC:M/Au:N/C:P/I:N/A:N
Vendors | Products |
---|---|
Mozilla |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2011-12-07T19:00:00
Updated: 2017-09-18T12:57:01
Reserved: 2011-12-07T00:00:00
Link: CVE-2010-5074
JSON object: View
NVD Information
Status : Modified
Published: 2011-12-07T19:55:01.627
Modified: 2017-09-19T01:31:49.647
Link: CVE-2010-5074
JSON object: View
Redhat Information
No data.
CWE