CVE-2023-4051
Mozilla: Full screen notification obscured by file open dialog
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116, Firefox ESR < 115.2, and Thunderbird < 115.2.
Un sitio web podría haber oscurecido la notificación de pantalla completa utilizando el cuadro de diálogo de apertura de archivo. Esto podría haber generado confusión en los usuarios y posibles ataques de suplantación de identidad. Esta vulnerabilidad afecta a Firefox < 116, Firefox ESR < 115.2 y Thunderbird < 115.2.
The Mozilla Foundation Security Advisory describes this flaw as: A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks.
Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.7.0 are affected.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2023-08-01 CVE Reserved
- 2023-08-01 CVE Published
- 2024-10-22 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-290: Authentication Bypass by Spoofing
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://www.mozilla.org/security/advisories/mfsa2023-36 | ||
| https://www.mozilla.org/security/advisories/mfsa2023-38 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.mozilla.org/security/advisories/mfsa2023-29 | 2023-09-11 | |
| https://access.redhat.com/security/cve/CVE-2023-4051 | 2023-09-07 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2236076 | 2023-09-07 |