CVE-2008-1241 - Improper Link Resolution Before File Access ('Link Following')

Severity

43%

Complexity

86%

Confidentiality

48%

GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.

GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N).

Overview

Type

Mozilla

First reported 16 years ago

2008-03-27 10:44:00

Last updated 6 years ago

2018-10-11 20:31:00

Affected Software

Mozilla Firefox

Mozilla SeaMonkey

References

SUSE-SA:2008:019

RHSA-2008:0208

29391

29526

29539

29541

29547

29550

29558

29560

29607

29616

29645

30327

30620

238492

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0128

DSA-1532

DSA-1534

DSA-1535

GLSA-200805-18

MDVSA-2008:080

http://www.mozilla.org/security/announce/2008/mfsa2008-19.html

RHSA-2008:0207

RHSA-2008:0209

20080327 rPSA-2008-0128-1 firefox

28448

1019700

USN-592-1

TA08-087A

US Government Resource

ADV-2008-0998

ADV-2008-1793

firefox-xul-popup-spoofing(41454)

oval:org.mitre.oval:def:11163

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.