2 matches found
Temporal UI State Inconsistency in Desktop GUI Agents: Formalizing and Defending against TOCTOU Attacks on Computer-Use Agents
GUI agents that control desktop computers via screenshot-and-click loops introduce a new class of vulnerability: the observation-to-action gap mean 6.51 s on real OSWorld workloads creates a Time-Of-Check, Time-Of-Use TOCTOU window during which an unprivileged attacker can manipulate the UI state...
UBUNTU-CVE-2018-5098
A use-after-free vulnerability can occur when form input elements, focus, and selections are manipulated by script content. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.6, Firefox ESR 52.6, and Firefox 58...