PT-2018-4926 · Mozilla+2 · Firefox For Android+2

Ken Okuyama

·

Publicado

2016-11-17

·

Atualizado

2024-12-12

·

CVE-2016-5299

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Firefox for Android versions prior to 50
Description A malicious Android application with the same signature-level permissions as Firefox can intercept AuthTokens intended for Firefox. This issue is specific to Firefox for Android and does not affect other versions or operating systems.
Recommendations For Firefox for Android versions prior to 50, update to version 50 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-275

Identificadores relacionados

ALT-PU-2016-2307
CVE-2016-5299
OPENSUSE-SU-2016_3011-1
OPENSUSE-SU-2024:10071-1
OPENSUSE-SU-2024:14572-1

Produtos afetados

Alt Linux
Firefox For Android
Suse