CVE-2009-0253

EUVD-2009-0261
Mozilla Firefox 3.0.5 allows remote attackers to trick a user into visiting an arbitrary URL via an onclick action that moves a crafted element to the current mouse position, related to a "Status Bar Obfuscation" and "Clickjacking" attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
Affected Products (NVD)
VendorProductVersion
mozillafirefox
3.0.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
dapper
ignored
gutsy
ignored
hardy
ignored
intrepid
dne
jaunty
dne
firefox-3.0
dapper
dne
gutsy
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
iceape
dapper
dne
gutsy
ignored
hardy
dne
intrepid
dne
jaunty
dne
icedove
dapper
dne
gutsy
dne
hardy
dne
intrepid
dne
jaunty
dne
iceweasel
dapper
dne
gutsy
dne
hardy
dne
intrepid
dne
jaunty
dne
mozilla-thunderbird
dapper
ignored
gutsy
dne
hardy
dne
intrepid
dne
jaunty
dne
seamonkey
dapper
dne
gutsy
dne
hardy
ignored
intrepid
ignored
jaunty
ignored
thunderbird
dapper
dne
gutsy
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
xulrunner
dapper
dne
gutsy
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
xulrunner-1.9
dapper
dne
gutsy
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
References
http://securityreason.com/securityalert/4936
https://exchange.xforce.ibmcloud.com/vulnerabilities/48212
https://www.exploit-db.com/exploits/7842
http://securityreason.com/securityalert/4936
https://exchange.xforce.ibmcloud.com/vulnerabilities/48212
https://www.exploit-db.com/exploits/7842