First published: Sat Aug 08 2015(Updated: )
The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mozilla Firefox OS | <=2.1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-5961 is classified as a high severity vulnerability that allows man-in-the-middle attacks.
To fix CVE-2015-5961, users should upgrade to Mozilla Firefox OS version 2.2 or later.
CVE-2015-5961 can be exploited by man-in-the-middle attackers to bypass access restrictions.
CVE-2015-5961 affects Mozilla Firefox OS versions before 2.2, specifically up to 2.1.0.
CVE-2015-5961 affects the COPPA error page in the Accounts setup dialog of Mozilla Firefox OS.