CVE-2023-29534

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android.  These could have led to potential user confusion and spoofing attacks.

*This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
mozillaCNA
---
---
CVEADP
---
---
CISA-ADPADP
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Debian logo
Debian Releases
Debian Product
Codename
firefox
sid
133.0.3-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
not-affected
jammy
not-affected
focal
not-affected
bionic
not-affected
xenial
ignored
trusty
ignored
mozjs38
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
focal
dne
bionic
ignored
xenial
dne
trusty
dne
mozjs52
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
focal
ignored
bionic
ignored
xenial
dne
trusty
dne
mozjs68
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
dne
focal
ignored
bionic
dne
xenial
dne
trusty
dne
mozjs78
noble
dne
mantic
dne
lunar
ignored
kinetic
ignored
jammy
ignored
focal
dne
bionic
dne
xenial
dne
trusty
dne
mozjs91
noble
dne
mantic
dne
lunar
dne
kinetic
dne
jammy
ignored
focal
dne
bionic
dne
xenial
dne
trusty
dne
thunderbird
noble
not-affected
mantic
not-affected
lunar
not-affected
kinetic
ignored
jammy
not-affected
focal
not-affected
bionic
ignored
xenial
ignored
trusty
ignored
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1816007
https://bugzilla.mozilla.org/show_bug.cgi?id=1816059
https://bugzilla.mozilla.org/show_bug.cgi?id=1821155
https://bugzilla.mozilla.org/show_bug.cgi?id=1821576
https://bugzilla.mozilla.org/show_bug.cgi?id=1821906
https://bugzilla.mozilla.org/show_bug.cgi?id=1822298
https://bugzilla.mozilla.org/show_bug.cgi?id=1822305
https://www.mozilla.org/security/advisories/mfsa2023-13/
https://bugzilla.mozilla.org/show_bug.cgi?id=1816007
https://bugzilla.mozilla.org/show_bug.cgi?id=1816059
https://bugzilla.mozilla.org/show_bug.cgi?id=1821155
https://bugzilla.mozilla.org/show_bug.cgi?id=1821576
https://bugzilla.mozilla.org/show_bug.cgi?id=1821906
https://bugzilla.mozilla.org/show_bug.cgi?id=1822298
https://bugzilla.mozilla.org/show_bug.cgi?id=1822305
https://www.mozilla.org/security/advisories/mfsa2023-13/