Lucene search

[email protected]CVE-2015-0810

HistoryApr 01, 2015 - 10:59 a.m.

CVE-2015-0810

2015-04-0110:59:00

CWE-20

[email protected]

web.nvd.nist.gov

mozilla

firefox

os x

clickjacking

cve-2015-0810

nvd

security vulnerability

8.9 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote attackers to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxle36.0.4

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	le	36.0.4

References

www.mozilla.org/security/announce/2015/mfsa2015-35.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

www.securitytracker.com/id/1031996

bugzilla.mozilla.org/show_bug.cgi?id=1125013

security.gentoo.org/glsa/201512-10

8.9 High

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

75.3%

JSON

Related for CVE-2015-0810

mozilla1 ubuntucve1 openvas3 prion1 kaspersky1 nessus5 freebsd1 securityvulns1 gentoo1