Privilege Escalation in Mozilla Firefox OS Compromises Sensitive Wi-Fi Information
CVE-2015-4494

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox Os
Vendor: CVE Published:; 8 August 2015

What is CVE-2015-4494?

Mozilla Firefox OS versions prior to 2.2 exhibit a vulnerability that allows malicious applications to access Wi-Fi system messages without the necessary wifi-manage privileges. This can lead to the unauthorized retrieval of sensitive information, putting users' privacy at risk if they install untrusted applications. Developers and users of Firefox OS should be aware of this issue to prevent potential exploitation via crafted apps.

References

http://www.mozilla.org/security/announce/2015/mfsa2015-76...

x_refsource_CONFIRM

https://bugzilla.mozilla.org/show_bug.cgi?id=1138808

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 8, 2015
Vulnerability Reserved
Jun 10, 2015