#VU89555 Spoofing attack in Mozilla Firefox and Firefox for Android - CVE-2024-4773
Published: May 15, 2024
Vulnerability identifier: #VU89555
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2024-4773
CWE-ID: CWE-451
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Mozilla Firefox
Firefox for Android
Mozilla Firefox
Firefox for Android
Software vendor:
Mozilla
Mozilla
Description
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect handling of network errors during page load, which could lead to the prior content to remain in view with a blank URL bar. A remote attacker can perform spoofing attack.
Remediation
Install updates from vendor's website.