We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-11700



Description

Malicious websites may have been able to perform user intent confirmation through tapjacking. This could have led to users unknowingly approving the launch of external applications, potentially exposing them to underlying vulnerabilities. This vulnerability affects Firefox < 133 and Thunderbird < 133.

Reserved 2024-11-25 | Published 2024-11-26 | Updated 2024-12-02 | Assigner mozilla

Problem types

Potential Tapjacking Exploit for Intent Confirmation on Android

Product status

Any version before 133
affected

Any version before 133
affected

Credits

Shaheen Fazim

References

bugzilla.mozilla.org/show_bug.cgi?id=1836921

www.mozilla.org/security/advisories/mfsa2024-63/

www.mozilla.org/security/advisories/mfsa2024-67/

cve.org (CVE-2024-11700)

nvd.nist.gov (CVE-2024-11700)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-11700

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.