vulnerability
Oracle Linux: CVE-2021-38506: ELSA-2021-4116: firefox security update (IMPORTANT) (Multiple Advisories)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:H/Au:N/C:C/I:C/A:C) | 2021-11-02 | 2021-11-04 | 2025-01-07 |
Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
2021-11-02
Added
2021-11-04
Modified
2025-01-07
Description
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3.
The Mozilla Foundation Security Advisory describes this flaw as:
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing.
The Mozilla Foundation Security Advisory describes this flaw as:
Through a series of navigations, Firefox could have entered fullscreen mode without notification or warning to the user. This could lead to spoofing attacks on the browser UI including phishing.
Solution(s)
oracle-linux-upgrade-firefoxoracle-linux-upgrade-thunderbird
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.