4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.067 Low
EPSS
Percentile
93.8%
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not
properly manage a delay timer used in confirmation dialogs, which might
allow remote attackers to trick users into confirming an unsafe action,
such as remote file execution, by using a timer to change the window focus,
aka the “dialog refocus bug” or “ffclick2”.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | firefox | < 1.5.dfsg+1.5.0.15~prepatch080202a-0ubuntu1 | UNKNOWN |
ubuntu | 6.10 | noarch | firefox | < 2.0.0.12+0nobinonly+2-0ubuntu0.6.10 | UNKNOWN |
ubuntu | 7.04 | noarch | firefox | < 2.0.0.12+1nobinonly+2-0ubuntu0.7.4 | UNKNOWN |
ubuntu | 7.10 | noarch | firefox | < 2.0.0.12+2nobinonly+2-0ubuntu0.7.10 | UNKNOWN |
ubuntu | 8.04 | noarch | firefox | < 2.0.0.12+2nobinonly+2-0ubuntu3 | UNKNOWN |
ubuntu | 6.06 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.06.0 | UNKNOWN |
ubuntu | 6.10 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.6.10.0 | UNKNOWN |
ubuntu | 7.04 | noarch | mozilla-thunderbird | < 1.5.0.13+1.5.0.15~prepatch080227-0ubuntu0.7.04.0 | UNKNOWN |
ubuntu | 8.04 | noarch | seamonkey | < 1.1.9+nobinonly-0ubuntu1 | UNKNOWN |
ubuntu | 8.10 | noarch | seamonkey | < 1.1.9+nobinonly-0ubuntu1 | UNKNOWN |