Mozilla Firefox File Action Dialog Refocus Vulnerability
Gravedad: Medio
Identificadores de CVE : CVE-2008-0591
Fecha recomendada: 21 de julio de 2015
Descripción
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by using a timer to change the window focus, aka the "dialog refocus bug" or "ffclick2".
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1001771
Trend Micro Deep Security DPI Rule Name: 1001771 - Mozilla Firefox File Action Dialog Refocus Vulnerability
Software y versión afectados
- Mozilla Firefox 2.0.0.11