CVE-2009-0253
published 2009-01-22CVE-2009-0253: Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current…
PriorityP432medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
2.53%
82.9th percentile
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat6.8MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
mozilla: status bar obfuscation
vendor_redhat·2009-01-21·CVSS 6.8
CVE-2009-0253 [MEDIUM] mozilla: status bar obfuscation
mozilla: status bar obfuscation
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.
GHSA
GHSA-46q2-jwmx-26gx: Mozilla Firefox 3
ghsa_unreviewed·2022-05-02
CVE-2009-0253 [MEDIUM] GHSA-46q2-jwmx-26gx: Mozilla Firefox 3
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.
No detection rules found.
2009-01-22
Published