CVE Vulnerabilities

CVE-2016-2831

Published: Jun 13, 2016 | Modified: Oct 30, 2018
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:H
CVSS 2.x
5.8 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 do not ensure that the user approves the fullscreen and pointerlock settings, which allows remote attackers to cause a denial of service (UI outage), or conduct clickjacking or spoofing attacks, via a crafted web site.

Affected Software

Name Vendor Start Version End Version
Ubuntu_linux Canonical 12.04 12.04
Ubuntu_linux Canonical 16.04 16.04
Ubuntu_linux Canonical 15.10 15.10
Ubuntu_linux Canonical 14.04 14.04

References