Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has a SELECT elements menu active, which allows remote attackers to spoof page content via vectors involving absolute positioning and scrolling.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Firefox | Mozilla | * | 16.0 (excluding) |
Seamonkey | Mozilla | * | 2.13 (excluding) |
Thunderbird | Mozilla | * | 16.0 (excluding) |