Описание
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks.
This bug only affects Thunderbird for Linux. Other operating systems are unaffected.. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of a malicious website that creates a popup that could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks.
Отчет
This bug only affects Firefox and Thunderbird for Linux. Other operating systems are unaffected.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | firefox | Out of support scope | ||
| Red Hat Enterprise Linux 6 | thunderbird | Out of support scope | ||
| Red Hat Enterprise Linux 7 | firefox | Fixed | RHSA-2022:5479 | 01.07.2022 |
| Red Hat Enterprise Linux 7 | thunderbird | Fixed | RHSA-2022:5480 | 01.07.2022 |
| Red Hat Enterprise Linux 8 | firefox | Fixed | RHSA-2022:5469 | 30.06.2022 |
| Red Hat Enterprise Linux 8 | thunderbird | Fixed | RHSA-2022:5470 | 30.06.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | firefox | Fixed | RHSA-2022:5477 | 30.06.2022 |
| Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | thunderbird | Fixed | RHSA-2022:5478 | 30.06.2022 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | firefox | Fixed | RHSA-2022:5474 | 01.07.2022 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | thunderbird | Fixed | RHSA-2022:5475 | 01.07.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
A malicious website that could create a popup could have resized the p ...
A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11.
Уязвимость почтового клиента Thunderbird, браузеров Firefox и Firefox ESR, связанная с неправильной обработкой события изменения размера всплывающего окна, позволяющая нарушителю проводить спуфинг атаки
EPSS
7.5 High
CVSS3