Описание
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 101.0-1 | package | |
| firefox-esr | fixed | 91.10.0esr-1 | package | |
| thunderbird | fixed | 1:91.10.0-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2022-20/#CVE-2022-31738
https://www.mozilla.org/en-US/security/advisories/mfsa2022-21/#CVE-2022-31738
https://www.mozilla.org/en-US/security/advisories/mfsa2022-22/#CVE-2022-31738
Связанные уязвимости
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10.
Уязвимость реализации полноэкранного режима браузеров Firefox, Firefox ESR и почтового клиента Thunderbird, позволяющая нарушителю проводить спуфинг-атаки