CVE-2015-5961

CWE-2643 documents3 sources
Severity
3.3LOW
EPSS
0.1%
top 75.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Firefox OS
Timeline
PublishedAug 8
Latest updateMay 17

Description

The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server.

CVSS vector

AV:A/AC:L/C:N/I:P/A:NExploitability: 6.5 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-22jq-crhx-w9j5: The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 22022-05-17
CVEList
CVE-2015-5961: The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 22015-08-08
CVE-2015-5961 (LOW CVSS 3.3) | The COPPA error page in the Account | cvebase.io