4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.2%
Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is
visible, which allows remote attackers to conduct clickjacking attacks via
a Flash object in conjunction with DIV elements associated with layered
presentation, and crafted JavaScript code that interacts with an IMG
element.
Author | Note |
---|---|
chrisccoulson | OS X only |