Mozilla Firefox CVE-2014-1489 Weak Authentication Vulnerability

description-logoDescription

Yazan Tommalieh discovered a flaw that once users have viewed the default Firefox start page (about:home), subsequent pages they navigate to in that same tab could use script to activate the buttons that were on the about:home page. Most of these simply open Firefox dialogs such as Settings or History, which might alarm users. In some cases a malicious page could trigger session restore and cause data loss if the current tabs are replaced by a previously stored set.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2014-1489