Metrics
Affected Vendors & Products
Mon, 02 Dec 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Malicious websites may have been able to user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133. | Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133. |
Wed, 27 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Mozilla
Mozilla firefox Mozilla thunderbird |
|
Weaknesses | CWE-1021 | |
CPEs | cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:* cpe:2.3:a:mozilla:thunderbird:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Mozilla
Mozilla firefox Mozilla thunderbird |
|
Metrics |
cvssV3_1
|
ssvc
|
Wed, 27 Nov 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Title | firefox: thunderbird: Potential Tapjacking Exploit for Intent Confirmation on Android | |
Weaknesses | CWE-356 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
Tue, 26 Nov 2024 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Malicious websites may have been able to user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133. | |
References |
|
Status: PUBLISHED
Assigner: mozilla
Published: 2024-11-26T13:33:56.353Z
Updated: 2024-12-02T14:09:11.818Z
Reserved: 2024-11-25T16:29:39.690Z
Link: CVE-2024-11700
Updated: 2024-11-27T15:53:55.303Z
Status : Awaiting Analysis
Published: 2024-11-26T14:15:19.523
Modified: 2024-12-02T15:15:10.557
Link: CVE-2024-11700