Man-in-the-Middle Vulnerability in Mozilla Firefox OS Accounts Setup
CVE-2015-5961

Currently unrated

Key Information:

Vendor: Mozilla
Status: Firefox Os
Vendor: CVE Published:; 8 August 2015

What is CVE-2015-5961?

A vulnerability exists in the COPPA error page of the Accounts setup dialog in Mozilla Firefox OS versions before 2.2. This flaw allows attackers to embed content from a malicious external web server into the System process, potentially enabling them to spoof that server and bypass intended access restrictions. This risk significantly compromises the integrity of user data and poses a threat to the overall security of the device.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1123433

x_refsource_CONFIRM

http://www.securityfocus.com/bid/76255

vdb-entryx_refsource_BID

http://www.mozilla.org/security/announce/2015/mfsa2015-75...

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 8, 2015
Vulnerability Reserved
Aug 7, 2015