CVE-2008-1241Link Following in Mozilla Firefox

CWE-59Link Following6 documents5 sources
Severity
4.3MEDIUMNVD
EPSS
3.3%
top 12.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxMozilla Seamonkey
Timeline
PublishedMar 27
Latest updateMay 1

Description

GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

NVDmozilla/firefox2.0.0.12

🔴Vulnerability Details

1
GHSA
GHSA-wwx7-qx3f-7g4r: GUI overlay vulnerability in Mozilla Firefox before 22022-05-01

📋Vendor Advisories

3
Ubuntu
Firefox vulnerabilities2008-03-26
Red Hat
XUL popup spoofing2008-03-25
Red Hat
clamav: security fixes in upstream 0.95 (CVE-2008-6680, CVE-2009-1270)

💬Community

1
Bugzilla
CVE-2008-1241 XUL popup spoofing2008-03-24
CVE-2008-1241 — Link Following in Mozilla Firefox | cvebase