CVE-2015-2714

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 38.0 on Android

Description The issue allows attackers to obtain sensitive information via a crafted application that has a required permission for reading a log, as demonstrated by the READ LOGS permission for the mixed-content violation log on Android 4.0 and earlier. This is due to the improper restriction of writing URL data to the Android logging system.

Recommendations For versions prior to 38.0, update to version 38.0 or later to resolve the issue.