Main Vulnerability Database Vulnerabilities #VU96734

#VU96734 Insufficient UI Warning of Dangerous Operations in Firefox for Android - CVE-2024-8388

Published: September 3, 2024

Vulnerability identifier: #VU96734

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-8388

CWE-ID: CWE-357

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Firefox for Android

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists due to multiple prompts and panels from both Firefox and the Android OS could be used to obscure the notification announcing the transition to fullscreen mode. A remote attacker can perform spoofing attack.

Remediation

Install updates from vendor's website.

External links

https://www.mozilla.org/en-US/security/advisories/mfsa2024-39/

#VU96734 Insufficient UI Warning of Dangerous Operations in Firefox for Android - CVE-2024-8388

Description

Remediation

External links

Please verify you're human