CNVD-2025-01193 — Vulnetix

CNVD-2025-01193 PUBLISHED CVSS 6.5 MEDIUM

Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。Mozilla Firefox ESR是Firefox（Web浏览器）的一个延长支持版本。Mozilla Thunderbird是电子邮件客户端软件，支持IMAP、POP邮件协议以及HTML邮件格式。多款Mozilla产品存在欺骗漏洞，攻击者可利用此漏洞欺骗警报对话框。

Risk Scores

CVSS 3.1

6.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Products

Vendor	Product	Versions
Mozilla	Firefox ESR	unspecified
Mozilla	Firefox	unspecified
Mozilla	Thunderbird	unspecified

Exploit Intelligence

https://bugzilla.mozilla.org/show_bug.cgi?id=1877879 (circl)
https://www.mozilla.org/security/advisories/mfsa2024-05/ (circl)
https://www.mozilla.org/security/advisories/mfsa2024-06/ (circl)
https://www.mozilla.org/security/advisories/mfsa2024-07/ (circl)
https://lists.debian.org/debian-lts-announce/2024/03/msg00000.html (circl)
https://lists.debian.org/debian-lts-announce/2024/03/msg00001.html (circl)
CIRCL seen: CVE-2024-1547 (circl-sighting)
CIRCL seen: CVE-2024-1547 (circl-sighting)
CIRCL seen: CVE-2024-1547 (circl-sighting)

Timeline

Feb 20, 2024 CVE Published
Feb 20, 2024 PoC Published
Feb 21, 2024 PoC Published
Mar 8, 2024 PoC Published

References

Open in Interactive Console →