Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox/SeaMonkey 输入验证错误漏洞
Vulnerability Description
Mozilla Firefox和SeaMonkey都是由美国Mozilla基金会开发。Firefox是一款开源Web浏览器。SeaMonkey是一套免费、开源以及跨平台的网络套装软件。 Mozilla Firefox 26.0及之前的版本和SeaMonkey 2.24 beta1及之前的版本中的文件下载过程中存在输入验证漏洞,该漏洞源于程序没有限制按钮选择的时间。远程攻击者可借助特制的网站利用该漏洞实施点击劫持攻击,打开下载的文件。
CVSS Information
N/A
Vulnerability Type
N/A