Missing fullscreen and pointer lock notification when requesting both - CVE-2021-43538| ID: oval:org.secpod.oval:def:76251 | Date: (C)2021-12-08 (M)2023-11-19 |
| Class: VULNERABILITY | Family: macos |
Mozilla Firefox 95, Mozilla Firefox ESR 91.4, Mozilla Thunderbird 91.4 : By misusing a race in our notification code, an attacker could have forcefully hidden the notification for pages that had received full screen and pointer lock access, which could have been used for spoofing attacks.
| Platform: |
| Apple Mac OS 14 |
| Apple Mac OS 13 |
| Apple Mac OS X 10.9 |
| Apple Mac OS X 10.10 |
| Apple Mac OS X 10.11 |
| Apple Mac OS X 10.12 |
| Apple Mac OS X 10.13 |
| Apple Mac OS X 10.14 |
| Apple Mac OS X 10.15 |
| Apple Mac OS 11 |
| Apple Mac OS 12 |
| Product: |
| Mozilla Firefox |
| Mozilla Firefox ESR |
| Mozilla Thunderbird |
