Mozilla SeaMonkey CVE-2014-1480 Information Disclosure Vulnerability

description-logoDescription

Security researcher Jordi Chancel reported that the dialog for saving downloaded files did not implement a security timeout before button selections were processed. This could be used in concert with spoofing to convince users to select a different option than intended, causing downloaded files to be potentially opened instead of only saved in some circumstances.

affected-products-logoAffected Applications

SeaMonkey

CVE References

CVE-2014-1480