![]() ![]() Vulnerability may allow a remote attacker to perform a phishing attack but requires that the spoofed website has an open redirect vulnerability.įirefox ESR: 60.0 - 78.2.0 External linksĬVSSv3.1: 5.3 ĬWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') A remote attacker can spoof origin of theĭownloaded file and display the name of the intermediate website instead of the original source name. ![]() Vulnerability exists due to way Firefox displays name of the data The vulnerability allows a remote attacker to perform spoofing attack. We are not aware of malware exploiting this vulnerability.ĬVSSv3.1: 3 ĬWE-ID: CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing) Is there known malware, which exploits this vulnerability? The attacker would have to trick the victim to visit a specially crafted website. How the attacker can exploit this vulnerability? This vulnerability can be exploited by a remote non-authenticated attacker via the Internet. Mozilla Firefox: 70.0 - 80.0.1 External linksĬan this vulnerability be exploited remotely? ![]() Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a use-after free error and execute arbitrary code on the target system. The vulnerability exists due to a use-after-free error when processing HTML content in WebGL. The vulnerability allows a remote attacker to compromise vulnerable system. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |