The file-download implementation in Mozilla Firefox prior to 27.0 and SeaMonkey prior to 2.24 does not properly restrict the timing of button selections, which allows remote malicious users to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse opensuse 11.4 |
||
opensuse opensuse 12.3 |
||
opensuse opensuse 13.1 |
||
suse linux enterprise desktop 11 |
||
suse linux enterprise server 11 |
||
suse linux enterprise software development kit 11 |
||
oracle solaris 11.3 |
||
canonical ubuntu linux 12.04 |
||
canonical ubuntu linux 12.10 |
||
canonical ubuntu linux 13.10 |
||
mozilla firefox |
||
mozilla seamonkey |