0.008 Low
EPSS
Percentile
82.1%
Mozilla Firefox before 22.0 does not properly enforce the X-Frame-Options protection mechanism, which allows remote attackers to conduct clickjacking attacks via a crafted web site that uses the HTTP server push feature with multipart responses.
www.mozilla.org/security/announce/2013/mfsa2013-58.html
launchpad.net/bugs/cve/CVE-2013-1696
nvd.nist.gov/vuln/detail/CVE-2013-1696
security-tracker.debian.org/tracker/CVE-2013-1696
ubuntu.com/security/notices/USN-1890-1
www.cve.org/CVERecord?id=CVE-2013-1696