Lucene search
HistoryMar 19, 2024 - 12:15 p.m.
CVE-2024-2609
cve-2024-2609
permission prompt
input delay
clickjacking
firefox vulnerability
The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.
| Vendor | Product | Version | CPE |
|---|---|---|---|
| mozilla | firefox | * | cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:* |
| mozilla | firefox_esr | * | cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:* |
| mozilla | thunderbird | * | cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:* |
References
bugzilla.mozilla.org/show_bug.cgi?id=1866100
lists.debian.org/debian-lts-announce/2024/04/msg00012.html
lists.debian.org/debian-lts-announce/2024/04/msg00013.html
www.mozilla.org/security/advisories/mfsa2024-12/
www.mozilla.org/security/advisories/mfsa2024-19/
www.mozilla.org/security/advisories/mfsa2024-20/
Social References
More
Related
veracode
veracode
Clickjacking
2024-03-25 01:33:20
cvelist
cvelist
CVE-2024-2609
2024-03-19 12:02:54
redhatcve
redhatcve
CVE-2024-2609
2024-04-18 09:59:50
ubuntucve
ubuntucve
CVE-2024-2609
2024-03-19 00:00:00
cnvd
cnvd
Mozilla Firefox Clickjacking Vulnerability (CNVD-2024-14973)
2024-03-21 00:00:00
debiancve
debiancve
CVE-2024-2609
2024-03-19 12:15:08
oraclelinux
oraclelinux
firefox security update
2024-04-19 00:00:00
firefox security update
2024-04-19 00:00:00
firefox security update
2024-04-18 00:00:00
nessus
nessus
Oracle Linux 9 : firefox (ELSA-2024-1908)
2024-04-19 00:00:00
Oracle Linux 8 : firefox (ELSA-2024-1912)
2024-04-20 00:00:00
Rocky Linux 8 : firefox (RLSA-2024:1912)
2024-05-06 00:00:00
osv
osv
Important: firefox security update
2024-04-18 00:00:00
Important: firefox security update
2024-04-18 00:00:00
Important: firefox security update
2024-05-06 13:04:21
rocky
rocky
firefox security update
2024-05-10 14:32:42
firefox security update
2024-05-06 13:04:21
almalinux
almalinux
Important: firefox security update
2024-04-18 00:00:00
Important: firefox security update
2024-04-18 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-3791-1)
2024-04-22 00:00:00
Debian: Security Advisory (DSA-5670-1)
2024-04-22 00:00:00
Debian: Security Advisory (DLA-3790-1)
2024-04-22 00:00:00
redhat
redhat
(RHSA-2024:1940) Low: thunderbird security update
2024-04-22 08:00:35
(RHSA-2024:1908) Important: firefox security update
2024-04-18 09:05:44
(RHSA-2024:1906) Important: firefox security update
2024-04-18 09:05:27
ubuntu
ubuntu
Thunderbird vulnerabilities
2024-04-25 00:00:00
Firefox vulnerabilities
2024-03-20 00:00:00
debian
debian
[SECURITY] [DSA 5663-1] firefox-esr security update
2024-04-17 17:21:09
[SECURITY] [DLA 3791-1] thunderbird security update
2024-04-22 08:49:30
[SECURITY] [DLA 3790-1] firefox-esr security update
2024-04-19 10:40:02
mageia
mageia
Updated thunderbird packages fix security vulnerabilities
2024-04-27 03:37:18
Updated firefox packages fix security vulnerabilities
2024-04-27 09:26:16
mozilla
mozilla
Security Vulnerabilities fixed in Firefox ESR 115.10 — Mozilla
2024-04-16 00:00:00
Security Vulnerabilities fixed in Thunderbird 115.10 — Mozilla
2024-04-16 00:00:00
Security Vulnerabilities fixed in Firefox 124 — Mozilla
2024-03-19 00:00:00
slackware
slackware
[slackware-security] mozilla-firefox
2024-04-16 18:53:34
kaspersky
kaspersky
KLA65224 Multiple vulnerabilities in Mozilla Firefox
2024-03-19 00:00:00
gentoo
gentoo
Mozilla Thunderbird: Multiple Vulnerabilities
2024-05-12 00:00:00