Mozilla: Potential permissions request bypass via clickjacking

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions...

Mozilla: Potential permissions request bypass via clickjacking

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions...

Mozilla: Potential permissions request bypass via clickjacking

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions...

Mozilla: Potential permissions request bypass via clickjacking

The Mozilla Foundation Security Advisory describes this flaw as: A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions...

Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.11.0 ESR. Security Fixes: Mozilla: Browser prompts could have been obscured by popups CVE-2023-32205 Mozilla: Crash in RLBox Expat driver...

SUSE-SU-2023:2175-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR bsc1211175: - CVE-2023-32205: Browser prompts could have been obscured by popups - CVE-2023-32206: Crash in RLBox Expat driver - CVE-2023-32207: Potential permissions request bypass via clickjacking -...

SUSE-SU-2023:2173-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Extended Support Release 102.11.0 ESR bsc1211175: - CVE-2023-32205: Browser prompts could have been obscured by popups - CVE-2023-32206: Crash in RLBox Expat driver - CVE-2023-32207: Potential permissions request bypass via clickjacking -...

Mozilla Thunderbird Security Advisories (MFSA2023-18) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

Mozilla Firefox Security Advisories (MFSA2023-16) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Adult content malvertising scheme leads to clickjacking

Malwarebytes researchers have found a malvertising scheme that leads to clickjacking. Clickjacking is a form of ad fraud which is also referred to as click fraud or click spam. It is a practice performed by certain dubious advertising networks, where they sometimes use automated programs--from...

Siemens SCALANCE X Switches Protection Mechanism Failure (CVE-2019-13924)

A vulnerability has been identified in SCALANCE S602 All versions V4.1, SCALANCE S612 All versions V4.1, SCALANCE S623 All versions V4.1, SCALANCE S627-2M All versions V4.1, SCALANCE X-200 switch family incl. SIPLUS NET variants All versions 5.2.4, SCALANCE X-200IRT switch family incl. SIPLUS NET...

UI REDRESSING

Description The web application does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with Steps To Reproduce 1. Create a New HTML file as shown in below i....

K14700: BIG-IP APM clickjacking vulnerability CVE-2013-5975

Security Advisory Description The access policy logon page logon.inc in F5 BIG-IP APM 11.1.0 through 11.2.1 allows remote attackers to conduct clickjacking attacks via unspecified vectors. CVE-2013-5975 Impact Clickjacking protection in the BIG-IP APM access policy logon page may be insufficient...

SUSE CVE-2008-4503

The Settings Manager in Adobe Flash Player 9.0.124.0 and earlier allows remote attackers to cause victims to unknowingly click on a link or dialog via access control dialogs disguised as normal graphical elements, as demonstrated by hijacking the camera or microphone, and related to "clickjacking...

SUSE CVE-2009-0114

Unspecified vulnerability in the Settings Manager in Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87, and possibly other versions, allows remote attackers to trick a user into visiting an arbitrary URL via unknown vectors, related to "a potential Clickjacking issue variant."...

SUSE CVE-2009-0253

Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack...

SUSE CVE-2009-0522

Adobe Flash Player 9.x before 9.0.159.0 and 10.x before 10.0.22.87 on Windows allows remote attackers to trick a user into visiting an arbitrary URL via an unspecified manipulation of the "mouse pointer display," related to a "Clickjacking attack."...

SUSE CVE-2009-1681

WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not prevent web sites from loading third-party content into a subframe, which allows remote attackers to bypass the Same Origin Policy and conduct "clickjacking" attacks via a craft...

SUSE CVE-2009-1867

Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "clickjacking vulnerability."...

SUSE CVE-2010-2215

Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to trick a user into 1 selecting a link or 2 completing a dialog, related to a "click-jacking" issue...