CVE-2014-1539 in Mozilla Firefoxinfo

Summary

Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.

Reservation

01/16/2014

Disclosure

06/11/2014

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
13561Mozilla Firefox Cursor input validation20UnprovenOfficial fixCVE-2014-1539

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!