[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: Application Installation doorhanger persists on navigation - mfsa2013-105

ID: oval:org.secpod.oval:def:16239Date: (C)2013-12-20   (M)2023-11-18
Class: PATCHFamily: macos




Mozilla developer Myk Melez reported that with specifically timed page navigation, the doorhanger notification for Web App installation could persist from one site to another without being dismissed by the navigation. This could be used by a malicious site to trick a user into installing an application from one site while making it appear to come from another.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.13
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Product:
Mozilla Firefox
Reference:
MFSA 2013-105
CVE-2013-5611
CVE    1
CVE-2013-5611
CPE    215
cpe:/a:mozilla:firefox:14.0
cpe:/a:mozilla:firefox:20.0.1
cpe:/a:mozilla:firefox:1.5:beta2
cpe:/a:mozilla:firefox:1.5:beta1
...

© SecPod Technologies