Home

CVE-2016-1941

Description

The file-download dialog in Mozilla Firefox before 44.0 on OS X enables a certain button too quickly, which allows remote attackers to conduct clickjacking attacks via a crafted web site that triggers a single-click action in a situation where a double-click action was intended.

Risk Information

Base Score
6.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.248

Associated Vulnerability

VulnerabilityOS Platform
Update for Mozilla Firefox (44.0)Windows
Update for Mozilla Firefox x64 (44.0)Windows
Update for Mozilla Firefox (44.0.1)Windows
Update for Mozilla Firefox x64 (44.0.1)Windows
Update for Mozilla Firefox (44.0.2)Windows
Update for Mozilla Firefox x64 (44.0.2)Windows
Multiple Vulnerabilities are affected in Mozilla Firefox (x64) 43.0.4Windows
Multiple Vulnerabilities are affected in Mozilla_Firefox 43.0.4Windows
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (44.0)Mac
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (44.0.1)Mac
Multiple vulnerabilities are fixed in Update for Mozilla Firefox For Mac (44.0.2)Mac
Multiple Vulnerabilities are affected in Mozilla Firefox for Mac 43.0.4Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-302195Update for Mozilla Firefox (44.0)
PATCH-302196Update for Mozilla Firefox x64 (44.0)
PATCH-302198Update for Mozilla Firefox x64 (44.0.1)
PATCH-302199Update for Mozilla Firefox (44.0.2)
PATCH-302200Update for Mozilla Firefox x64 (44.0.2)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-607000Mozilla Firefox For Mac (124.0)
PATCH-611870Mozilla Firefox For Mac (142.0.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234