Different techniques existed to obscure the fullscreen notification in
Firefox for Android. These could have lead to potential user confusion and
spoofing attacks. This bug only affects Firefox for Android. Other
versions of Firefox are unaffected. This vulnerability affects Firefox <
126.
Author | Note |
---|---|
tyhicks | mozjs contains a copy of the SpiderMonkey JavaScript engine |
mdeslaur | starting with Ubuntu 22.04, the firefox package is just a script that installs the Firefox snap starting with Ubuntu 24.04, the thunderbird package is just a script that installs the Thunderbird snap |
bugzilla.mozilla.org/show_bug.cgi?id=1871214
bugzilla.mozilla.org/show_bug.cgi?id=1871217
launchpad.net/bugs/cve/CVE-2024-4766
nvd.nist.gov/vuln/detail/CVE-2024-4766
security-tracker.debian.org/tracker/CVE-2024-4766
www.cve.org/CVERecord?id=CVE-2024-4766
www.mozilla.org/en-US/security/advisories/mfsa2024-21/#CVE-2024-4766
www.mozilla.org/security/advisories/mfsa2024-21/