Описание
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| firefox | fixed | 129.0-1 | package | |
| firefox-esr | fixed | 115.14.0esr-1 | package | |
| thunderbird | fixed | 1:128.1.0esr-1 | package |
Примечания
https://www.mozilla.org/en-US/security/advisories/mfsa2024-33/#CVE-2024-7529
https://www.mozilla.org/en-US/security/advisories/mfsa2024-34/#CVE-2024-7529
https://www.mozilla.org/en-US/security/advisories/mfsa2024-38/#CVE-2024-7529
EPSS
Связанные уязвимости
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, Firefox ESR < 128.1, Thunderbird < 128.1, and Thunderbird < 115.14.
The date picker could partially obscure security prompts. This could be used by a malicious site to trick a user into granting permissions. This vulnerability affects Firefox < 129, Firefox ESR < 115.14, and Firefox ESR < 128.1.
Уязвимость функции Date Picker («Выбор даты») браузеров Mozilla Firefox, Firefox ESR, позволяющая нарушителю предоставить произвольные разрешения и получить несанкционированный доступ к данным или функциям
EPSS