CVE-2024-4766
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
Different techniques existed to obscure the fullscreen notification in Firefox for Android. These could have led to potential user confusion and spoofing attacks. This bug only affects Firefox for Android. Other versions of Firefox are unaffected. This vulnerability affects Firefox < 126.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Mozilla | Firefox | unspecified < 126 | affected |
Weaknesses
- Fullscreen notification could have been obscured on Firefox for Android
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
- https://www.mozilla.org/security/advisories/mfsa2024-21/
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871214
- https://bugzilla.mozilla.org/show_bug.cgi?id=1871217
- https://www.mozilla.org/security/advisories/mfsa2024-21/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.