Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2007-04

Spoofing using custom cursor and CSS3 hotspot

February 23, 2007
David Eckel
Firefox, SeaMonkey
Fixed in
  • Firefox
  • Firefox
  • SeaMonkey 1.0.8


David Eckel reported that browser UI elements--such as the host name and security indicators--could be spoofed by using a large, mostly transparent, custom cursor and adjusting the CSS3 hotspot property so that the visible part of the cursor floated outside the browser content area.

This feature was introduced in Firefox 1.5 and does not affect products based on Mozilla 1.7 or earlier such as Firefox 1.0


Any such spoofing can be made less effective by customizing the appearance of your browser. Right-click on an empty toolbar area and select "Customize..." to move, add, or delete toolbar buttons and other elements.