Lucene search

GoogleOSV:CVE-2024-4773

HistoryMay 14, 2024 - 6:15 p.m.

CVE-2024-4773

2024-05-1418:15:00

Google

osv.dev

network error

page load

firefox vulnerability

spoofed web site

software security

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

Confidence

Low

JSON

When a network error occurred during page load, the prior content could have remained in view with a blank URL bar. This could have been used to obfuscate a spoofed web site. This vulnerability affects Firefox < 126.

References

bugzilla.mozilla.org/show_bug.cgi?id=1875248

ubuntu.com/security/CVE-2024-4773

ubuntu.com/security/notices/USN-6779-1

www.cve.org/CVERecord?id=CVE-2024-4773

www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4773

www.mozilla.org/security/advisories/mfsa2024-21/

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

Confidence

Low

JSON

Related for OSV:CVE-2024-4773