Main Vulnerability Database Vulnerabilities #VU98703

#VU98703 Multiple Interpretations of UI Input in Firefox for iOS - CVE-2024-10004

Published: October 16, 2024

Vulnerability identifier: #VU98703

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-10004

CWE-ID: CWE-450

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Firefox for iOS

Software vendor:
Mozilla

Description

The vulnerability allows a remote attacker to perform spoofing attack.

The vulnerability exists an unspecified error. Opening an external link to an HTTP website when Firefox iOS was previously closed and had an HTTPS tab open could in some cases result in the padlock icon showing an HTTPS indicator incorrectly.

Remediation

Install updates from vendor's website.

External links

https://bugzilla.mozilla.org/show_bug.cgi?id=1904885
https://www.mozilla.org/security/advisories/mfsa2024-54/

#VU98703 Multiple Interpretations of UI Input in Firefox for iOS - CVE-2024-10004

Description

Remediation

External links

Please verify you're human