Lucene search
Mozilla FoundationMFSA2008-19HistoryMar 25, 2008 - 12:00 a.m.
XUL popup spoofing variant (cross-tab popups) — Mozilla
2008-03-2500:00:00
Mozilla Foundation
www.mozilla.org
15
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.01
Percentile
83.6%
Mozilla contributor Chris Thomas demonstrated that it was possible to have a background tab create a borderless XUL pop-up in front of the active tab in the user’s browser. This technique could be used by an attacker to spoof form elements such as a login prompt for a site opened in a different tab and steal the user’s login credentials for that site.
Affected configurations
Node
mozillafirefoxRange<2.0.0.13
ORmozillaseamonkeyRange<1.1.9
Related
securityvulns
securityvulns
Mozilla Foundation Security Advisory 2008-19
2008-03-26 00:00:00
Mozilla Firefox / Seamonkey multiple security vulnerabilities
2008-03-28 00:00:00
cvelist
cvelist
CVE-2008-1241
2008-03-27 10:00:00
cve
cve
CVE-2008-1241
2008-03-27 10:44:00
prion
prion
Code injection
2008-03-27 10:44:00
nvd
nvd
CVE-2008-1241
2008-03-27 10:44:00
ubuntucve
ubuntucve
CVE-2008-1241
2008-03-27 00:00:00
veracode
veracode
Phishing Attack
2020-04-10 00:22:22
openvas
openvas
Mozilla Firefox, Thunderbird, Seamonkey: Multiple Vulnerabilities (MFSA2008-14) - Linux
2008-06-17 00:00:00
CentOS Update for seamonkey CESA-2008:0208 centos3 x86_64
2009-02-27 00:00:00
Fedora Update for gtkmozembedmm FEDORA-2008-2662
2009-02-16 00:00:00
nessus
nessus
fedora
fedora
[SECURITY] Fedora 7 Update: gtkmozembedmm-1.4.2.cvs20060817-16.fc7
2008-03-26 17:11:47
[SECURITY] Fedora 8 Update: gnome-python2-extras-2.19.1-13.fc8
2008-03-26 17:14:05
[SECURITY] Fedora 8 Update: galeon-2.0.4-1.fc8.3
2008-03-26 17:14:06
oraclelinux
oraclelinux
thunderbird security update
2008-04-03 00:00:00
firefox security update
2008-03-27 00:00:00
seamonkey security update
2008-03-28 00:00:00
redhat
redhat
(RHSA-2008:0207) Critical: firefox security update
2008-03-26 00:00:00
(RHSA-2008:0209) Moderate: thunderbird security update
2008-04-03 00:00:00
(RHSA-2008:0208) Critical: seamonkey security update
2008-03-27 00:00:00
centos
centos
firefox security update
2008-03-27 14:36:53
thunderbird security update
2008-04-10 17:03:24
seamonkey security update
2008-03-28 11:28:19
seebug
seebug
Mozilla Thunderbird/Seamonkey/Firefox 2.0.0.13版本修复多个安全漏洞
2008-03-31 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2008-03-26 00:00:00
suse
suse
remote code execution in MozillaFirefox
2008-04-04 15:01:05
osv
osv
ubuntu
ubuntu
Firefox vulnerabilities
2008-03-26 00:00:00
debian
debian
[SECURITY] [DSA 1534-2] New iceape packages fix regression
2008-04-24 21:02:40
[SECURITY] [DSA 1534-1] New iceape packages fix several vulnerabilities
2008-03-28 13:48:02
[SECURITY] [DSA 1535-1] New iceweasel packages fix several vulnerabilities
2008-03-30 12:22:31
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
EPSS
0.01
Percentile
83.6%
Related for MFSA2008-19