Vulnerabilities > CVE-2023-29534 - Unspecified vulnerability in Mozilla Firefox and Firefox Focus

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

mozilla

critical

NVD

Published: 2023-06-19

Updated: 2023-06-27

Summary

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Firefox 80.0 Mozilla Firefox 83.0 Mozilla Firefox 84.0 Mozilla Firefox 84.1.3 Mozilla Firefox 92.0 Mozilla Firefox 104.0 Mozilla Firefox 110.1 Mozilla Firefox Focus *	8

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1816059
https://www.mozilla.org/security/advisories/mfsa2023-13/
https://bugzilla.mozilla.org/show_bug.cgi?id=1822298
https://bugzilla.mozilla.org/show_bug.cgi?id=1821906
https://bugzilla.mozilla.org/show_bug.cgi?id=1821576
https://bugzilla.mozilla.org/show_bug.cgi?id=1821155
https://bugzilla.mozilla.org/show_bug.cgi?id=1822305
https://bugzilla.mozilla.org/show_bug.cgi?id=1816007