CVE-2024-11700

Summary

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133.

Affected Software

VendorProductVersion RangeStatus
MozillaFirefoxunspecified < 133affected
MozillaThunderbirdunspecified < 133affected

Weaknesses

  • Potential Tapjacking Exploit for Intent Confirmation on Android

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References