[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: Clickjacking through cursor invisibility after Flash interaction - mfsa2014-50 (Mac OS X)

ID: oval:org.secpod.oval:def:19988Date: (C)2014-06-27   (M)2023-11-18
Class: PATCHFamily: macos




Security researcher Jordi Chancel reported a mechanism where the cursor can be rendered invisible after it has been used on an embedded flash object when used outside of the object. This flaw can be in used in combination with an image of the cursor manipulated through JavaScript, leading to clickjacking during interactions with HTML content subsequently. This issue only affects OS X and is not present on Windows or Linux systems.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.13
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Product:
Mozilla Firefox
Reference:
MFSA 2014-50
CVE-2014-1539
CVE    1
CVE-2014-1539
CPE    2
cpe:/a:mozilla:firefox:29.0.1
cpe:/a:mozilla:firefox

© SecPod Technologies