Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 256131 (CVE-2009-0253) - www-client/mozilla-firefox Status Bar Obfuscation (CVE-2009-0253)
Summary: www-client/mozilla-firefox Status Bar Obfuscation (CVE-2009-0253)
Alias: CVE-2009-0253
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
Whiteboard: B4 [noglsa]
Depends on: CVE-2009-0352
  Show dependency tree
Reported: 2009-01-23 21:52 UTC by Stefan Behte (RETIRED)
Modified: 2013-09-03 02:29 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2009-01-23 21:52:06 UTC
CVE-2009-0253 (
  Mozilla Firefox 3.0.5 allows remote attackers to trick a user into
  visiting an arbitrary URL via an onclick action that moves a crafted
  element to the current mouse position, related to a "Status Bar
  Obfuscation" and "Clickjacking" attack.
Comment 1 Alex Legler (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2009-08-13 09:54:40 UTC
Still not fixed in 3.5.2
Comment 2 Jory A. Pratt gentoo-dev 2011-01-14 17:26:21 UTC
(In reply to comment #1)
> Still not fixed in 3.5.2

Readd us if needed appears to be fixed in current firefox.