CVE-2014-1539 (retired)

Priority
Description
Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not
ensure visibility of the cursor after interaction with a Flash object and a
DIV element, which makes it easier for remote attackers to conduct
clickjacking attacks via JavaScript code that produces a fake cursor image.
Notes
 chrisccoulson> Only affects Firefox on OS X
Assigned-to
chrisccoulson
Package
Upstream:released (30.0)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected
More Information

Updated: 2019-03-26 12:12:39 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)