Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-9391

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 01 ΠΎΠΊΡ‚. 2024
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: redhat
CVSS3: 7.1
EPSS Низкий

ОписаниС

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 131.

A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full-screen mode. This may allow spoofing of other sites as the address bar is no longer visible.

ΠžΡ‚Ρ‡Π΅Ρ‚

This bug only affects Firefox Focus for Android. Firefox versions shipped by Red Hat are unaffected.

Π—Π°Ρ‚Ρ€ΠΎΠ½ΡƒΡ‚Ρ‹Π΅ ΠΏΠ°ΠΊΠ΅Ρ‚Ρ‹

ΠŸΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΠ°ΠŸΠ°ΠΊΠ΅Ρ‚Π‘ΠΎΡΡ‚ΠΎΡΠ½ΠΈΠ΅Π Π΅ΠΊΠΎΠΌΠ΅Π½Π΄Π°Ρ†ΠΈΡΠ Π΅Π»ΠΈΠ·
Red Hat Enterprise Linux 6firefoxNot affected
Red Hat Enterprise Linux 7firefoxNot affected
Red Hat Enterprise Linux 8firefoxNot affected
Red Hat Enterprise Linux 9firefoxNot affected

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

Π”ΠΎΠΏΠΎΠ»Π½ΠΈΡ‚Π΅Π»ΡŒΠ½Π°Ρ информация

Бтатус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=2315948firefox: Prevent users from exiting full-screen mode in Firefox Focus for Android

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 53%
0.00306
Низкий

7.1 High

CVSS3

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-9391

CVSS3: 6.5
ubuntu
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-9391

CVSS3: 6.5
nvd
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-9391

CVSS3: 6.5
debian
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A user who enables full-screen mode on a specially crafted web page co ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-p5hw-4fxj-g4x6

CVSS3: 6.5
github
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A user who enables full-screen mode on a specially crafted web page could potentially be prevented from exiting full screen mode. This may allow spoofing of other sites as the address bar is no longer visible. *This bug only affects Firefox Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox < 131.

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2024-09292

CVSS3: 5.4
fstec
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ полноэкранного Ρ€Π΅ΠΆΠΈΠΌΠ° (Full Screen Mode) Π±Ρ€Π°ΡƒΠ·Π΅Ρ€Π° Mozilla Firefox Focus ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Ρ‹Ρ… систСм Android, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚Π΅Π»ΡŽ ΠΏΡ€ΠΎΠ²ΠΎΠ΄ΠΈΡ‚ΡŒ спуфинг-Π°Ρ‚Π°ΠΊΠΈ

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 53%
0.00306
Низкий

7.1 High

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2024-9391