Astra Linux - уязвимость в firefox

A race condition involving requestPointerLock and setTimeout could have allowed a user to interact with one tab while believing they were on a different tab. Combined with certain elements such as , this could lead to an attack where the user became confused about the origin of the webpage and...

EUVD-2021-10920

Malware in sbrugna...

A malicious website could have used a combination of exiting fullscreen mode and `requestPointerLock` to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.

...

CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as this could have led to an attack where a user was confused about the origin of the webpage an...

Mozilla Firefox Security Bypass Vulnerability (CNVD-2024-12548)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security bypass vulnerability that originates from the use of a combination of exit fullscreen mode and requestPointerLock to cause the user's mouse to be accidentally...

Oracle Linux 8 : firefox (ELSA-2024-0955)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-0955 advisory. 115.8.0-1.0.1 - Update to 115.8.0 build 1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...

Mozilla: Mouse cursor re-positioned unexpectedly could have led to unintended permission grants

The Mozilla Foundation Security Advisory describes this flaw as: A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting...

CVE-2024-1550

The Mozilla Foundation Security Advisory describes this flaw as: A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting...

CVE-2024-1550

A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects...

CVE-2024-1550

CVE-2024-1550 involves a vulnerability where a malicious webpage could combine exiting fullscreen mode with requestPointerLock to reposition the user’s mouse, potentially causing confusion and unintended permission grants. Affected products include Firefox versions before 123, Firefox ESR before ...

CVE-2024-1550

A malicious website could have used a combination of exiting fullscreen mode and requestPointerLock to cause the user's mouse to be re-positioned unexpectedly, which could have led to user confusion and inadvertently granting permissions they did not intend to grant. This vulnerability affects...

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2024-051-01)

The version of mozilla-firefox installed on the remote host is prior to 115.8.0esr. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-051-01 advisory. - When storing and re-accessing data on a networking channel, the length of buffers may have been confused,...

SUSE CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

Race condition

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

CVE-2021-24000

CVE-2021-24000 is a race-condition vulnerability in Mozilla Firefox prior to version 88, involving requestPointerLock() and setTimeout() that could allow a user to interact with one tab while believing they were on another tab. In conjunction with certain elements (e.g., ), this could cause infor...

CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

UBUNTU-CVE-2021-24000

A race condition with requestPointerLock and setTimeout could have resulted in a user interacting with one tab when they believed they were on a separate tab. In conjunction with certain elements such as input type="file" this could have led to an attack where a user was confused about the origin...

Mozilla Firefox < 88.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 88.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-16 advisory. - Mozilla developers and community members Ryan VanderMeulen, Sean Feng, Tyson Smith, Julian Seward, Christian...

CVE-2019-11754

When the pointer lock is enabled by a website though requestPointerLock, no user notification is given. This could allow a malicious website to hijack the mouse pointer and confuse users. This vulnerability affects Firefox 69.0.1...