Описание
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
The Mozilla Foundation Security Advisory describes this flaw as:
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2021:4116 | 03.11.2021 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2021:4134 | 04.11.2021 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2021:4123 | 03.11.2021 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2021:4130 | 04.11.2021 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | thunderbird | Fixed | RHSA-2021:4133 | 04.11.2021 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | firefox | Fixed | RHSA-2021:4607 | 10.11.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | thunderbird | Fixed | RHSA-2021:4132 | 04.11.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | firefox | Fixed | RHSA-2021:4605 | 10.11.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Through a series of navigations, Firefox could have entered fullscreen ...
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
Уязвимость браузера Mozilla Firefox, связанная с недостаточным предупреждением об опасных действиях, позволяющая нарушителю провести атаку с использованием спуфинга
EPSS
7.5 High
CVSS3