CVE-2009-0253

Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
mozillafirefox
3.0.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
jaunty
dne
intrepid
dne
hardy
ignored
gutsy
ignored
dapper
ignored
firefox-3.0
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
dne
iceape
jaunty
dne
intrepid
dne
hardy
dne
gutsy
ignored
dapper
dne
icedove
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
dne
iceweasel
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
dne
mozilla-thunderbird
jaunty
dne
intrepid
dne
hardy
dne
gutsy
dne
dapper
ignored
seamonkey
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
dne
dapper
dne
thunderbird
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
dne
xulrunner
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
dne
xulrunner-1.9
jaunty
ignored
intrepid
ignored
hardy
ignored
gutsy
ignored
dapper
dne
References
http://securityreason.com/securityalert/4936
https://exchange.xforce.ibmcloud.com/vulnerabilities/48212
https://www.exploit-db.com/exploits/7842
http://securityreason.com/securityalert/4936
https://exchange.xforce.ibmcloud.com/vulnerabilities/48212
https://www.exploit-db.com/exploits/7842