Vulnerabilities > CVE-2023-29534 - Unspecified vulnerability in Mozilla Firefox and Firefox Focus

CVSS 9.1 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

mozilla

critical

NVD

Published: 2023-06-19

Updated: 2023-06-27

Summary

Different techniques existed to obscure the fullscreen notification in Firefox and Focus for Android. These could have led to potential user confusion and spoofing attacks. *This bug only affects Firefox and Focus for Android. Other versions of Firefox are unaffected.* This vulnerability affects Firefox for Android < 112 and Focus for Android < 112.

Vulnerable Configurations

Part	Description	Count
Application	Mozilla Mozilla Firefox 80.0 Mozilla Firefox 83.0 Mozilla Firefox 84.0 Mozilla Firefox 84.1.3 Mozilla Firefox 92.0 Mozilla Firefox 104.0 Mozilla Firefox Focus *	7

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1816059
https://www.mozilla.org/security/advisories/mfsa2023-13/
https://bugzilla.mozilla.org/show_bug.cgi?id=1822298
https://bugzilla.mozilla.org/show_bug.cgi?id=1821906
https://bugzilla.mozilla.org/show_bug.cgi?id=1821576
https://bugzilla.mozilla.org/show_bug.cgi?id=1821155
https://bugzilla.mozilla.org/show_bug.cgi?id=1822305
https://bugzilla.mozilla.org/show_bug.cgi?id=1816007