Lucene search
Mozilla FoundationMFSA2014-40HistoryApr 29, 2014 - 12:00 a.m.
Firefox for Android addressbar suppression — Mozilla
2014-04-2900:00:00
Mozilla Foundation
www.mozilla.org
28
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
70.0%
Security researcher Juho Nurminen reported that on Firefox for Android, when the addressbar has been scrolled off screen, an attacker can prevent it from rendering again through the use of script interacting DOM events. This allows an attacker to present a fake addressbar to the user, possibly leading to successful phishing attacks.
Affected configurations
Node
mozillafirefoxRange<29
Related
cvelist
cvelist
CVE-2014-1527
2014-04-30 10:00:00
nvd
nvd
CVE-2014-1527
2014-04-30 10:49:04
prion
prion
Code injection
2014-04-30 10:49:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2014-40) - Deprecated
2021-11-11 00:00:00
cve
cve
CVE-2014-1527
2014-04-30 10:49:04
ubuntucve
ubuntucve
CVE-2014-1527
2014-04-30 00:00:00
kaspersky
kaspersky
KLA10121 SUI vulnerability in Mozilla Firefox
2014-04-30 00:00:00
nessus
nessus
freebsd
freebsd
mozilla -- multiple vulnerabilities
2014-04-29 00:00:00
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2014-05-01 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
EPSS
0.003
Percentile
70.0%
Related for MFSA2014-40