Описание
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1 |
| devel | DNE | |
| edgy | released | 2.0.0.12+0nobinonly+2-0ubuntu0.6.10 |
| feisty | released | 2.0.0.12+1nobinonly+2-0ubuntu0.7.4 |
| gutsy | released | 2.0.0.12+2nobinonly+2-0ubuntu0.7.10 |
| hardy | released | 2.0.0.12+2nobinonly+2-0ubuntu3 |
| intrepid | DNE | |
| upstream | released | 2.0.0.12 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | ignored | end of life, was needs-triage |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | DNE | |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0 |
| devel | DNE | |
| edgy | released | 1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0 |
| feisty | released | 1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0 |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| upstream | released |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.1.9+nobinonly-0ubuntu1 |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | DNE | |
| hardy | released | 1.1.9+nobinonly-0ubuntu1 |
| intrepid | released | 1.1.9+nobinonly-0ubuntu1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.0.0.12+nobinonly-0ubuntu1 |
| edgy | DNE | |
| feisty | DNE | |
| gutsy | released | 2.0.0.12+nobinonly-0ubuntu0.7.10.0 |
| hardy | released | 2.0.0.12+nobinonly-0ubuntu1 |
| intrepid | released | 2.0.0.12+nobinonly-0ubuntu1 |
| upstream | released | 2.0.0.12 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 1.8.1.13+nobinonly-0ubuntu1 |
| edgy | ignored | end of life, was needs-triage |
| feisty | ignored | end of life, was needs-triage |
| gutsy | released | 1.8.1.18+nobinonly.b308.cvs20090331t155113-0ubuntu0.7.10.1 |
| hardy | released | 1.8.1.13+nobinonly-0ubuntu1 |
| intrepid | released | 1.8.1.13+nobinonly-0ubuntu1 |
| upstream | released | 1.8.1.13 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does n ...
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
ELSA-2008-0103: Critical: firefox security update (CRITICAL)
EPSS
4.3 Medium
CVSS2