Mozilla Firefox prior to 37.0 on OS X does not ensure that the cursor is visible, which allows remote malicious users to conduct clickjacking attacks via a Flash object in conjunction with DIV elements associated with layered presentation, and crafted JavaScript code that interacts with an IMG element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox |