REDHAT-BUG-2328948
First published: Tue Nov 26 2024(Updated: )
A crafted URL containing Arabic script and whitespace characters could have hidden the true origin of the page, resulting in a potential spoofing attack. This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Thunderbird < 133, and Thunderbird < 128.5.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Firefox | <133 | |
| Firefox ESR | <128.5 | |
| Thunderbird | <133 | |
| Thunderbird | <128.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2024:10592
- https://access.redhat.com/errata/RHSA-2024:10591
- https://access.redhat.com/errata/RHSA-2024:10667
- https://access.redhat.com/errata/RHSA-2024:10702
- https://access.redhat.com/errata/RHSA-2024:10703
- https://access.redhat.com/errata/RHSA-2024:10704
- https://access.redhat.com/errata/RHSA-2024:10710
- https://access.redhat.com/errata/RHSA-2024:10733
- https://access.redhat.com/errata/RHSA-2024:10734
- https://access.redhat.com/errata/RHSA-2024:10743
- https://access.redhat.com/errata/RHSA-2024:10742
- https://access.redhat.com/errata/RHSA-2024:10745
- https://access.redhat.com/errata/RHSA-2024:10748
- https://access.redhat.com/errata/RHSA-2024:10752
- https://access.redhat.com/errata/RHSA-2024:10844
- https://access.redhat.com/errata/RHSA-2024:10848
- https://access.redhat.com/errata/RHSA-2024:10849
- https://access.redhat.com/errata/RHSA-2024:10881
- https://access.redhat.com/errata/RHSA-2024:10880
- https://bugzilla.redhat.com/show_bug.cgi?id=2328948
Frequently Asked Questions
What is the severity of REDHAT-BUG-2328948?
REDHAT-BUG-2328948 is considered a potential spoofing vulnerability that could deceive users about the origin of a webpage.
Which software versions are affected by REDHAT-BUG-2328948?
REDHAT-BUG-2328948 affects Firefox versions below 133, Firefox ESR versions below 128.5, and Thunderbird versions below 133.
What could be the impact of exploiting REDHAT-BUG-2328948?
Exploiting REDHAT-BUG-2328948 could allow an attacker to create a false impression of website authenticity, leading to potential phishing attempts.
How do I fix REDHAT-BUG-2328948?
To fix REDHAT-BUG-2328948, update Mozilla Firefox, Firefox ESR, and Thunderbird to the latest versions available.
Is there a workaround for REDHAT-BUG-2328948 until a patch is available?
Currently, there are no recommended workarounds for REDHAT-BUG-2328948 besides updating affected applications to secure versions.
- agent/severity
- agent/description
- agent/event
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-11695
- agent/last-modified-date
- agent/references
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/mozilla
- canonical/firefox
- canonical/firefox esr
- canonical/thunderbird