Astra Linux – Vulnerability in Firefox and Thunderbird

When resizing a popup after requesting fullscreen access, the popup does not display the fullscreen notification. This vulnerability affects Firefox 98, Firefox ESR 91.7, and Thunderbird 91.7...

MiracleLinux 7 : firefox-91.9.0-1.0.1.el7.AXS7 (AXSA:2022-3176:11)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3176:11 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...

MiracleLinux 8 : firefox-91.9.0-1.el8.ML.1 (AXSA:2022-3174:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3174:10 advisory. Mozilla: Bypassing permission prompt in nested browsing contexts CVE-2022-29909 Mozilla: iframe Sandbox bypass CVE-2022-29911 Mozilla: Fullscreen...

Linux Distros Unpatched Vulnerability : CVE-2022-26383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. This vulnerability affects Firefox 98, Firefo...

SUSE CVE-2022-45408

Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

CVE-2022-45408

Through a series of popups that reuse windowName, an attacker can cause a window to go fullscreen without the user seeing the notification prompt, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox ESR 102.5, Thunderbird 102.5, and Firefox 107...

DEBIAN-CVE-2022-22741

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: When resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification...

The vulnerability of the Thunderbird email client’s user interface, as well as the Firefox and Firefox ESR browsers, stems from incorrect restrictions on the number of visible layers or frames. This allows attackers to exploit these incorrect restrictions to perform unauthorized actions.

The vulnerability of the Thunderbird email client’s user interface, as well as the Firefox and Firefox ESR browsers, is related to an incorrect limitation on the number of visible layers or frames, due to a mistake in adjusting the size of the pop-up window when requesting full-screen access...

UBUNTU-CVE-2018-16080

A missing check for popup window handling in Fullscreen in Google Chrome on macOS prior to 69.0.3497.81 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...