mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-10 15:59:29 +02:00
0xMarcio
843 B
843 B
CVE-2014-1539
Description
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image.
POC
Reference
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- https://bugzilla.mozilla.org/show_bug.cgi?id=995603
Github
No PoCs found on GitHub currently.