Mozilla Firefox_os
13 CVEs affecting Mozilla Firefox_os. Latest disclosed: 2016-01-09. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-8511 | Medium | 6.4 | 2016-01-09 | Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via… |
CVE-2015-8510 | Medium | 6.1 | 2016-01-09 | Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assiste… |
CVE-2015-8512 | Medium | 4.6 | 2016-01-09 | The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proxima… |
CVE-2015-4000 | Low | 3.7 | 2015-05-21 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which… |
CVE-2015-4489 | | 2015-08-16 | The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial… | |
CVE-2015-4488 | | 2015-08-16 | Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows re… | |
CVE-2015-4487 | | 2015-08-16 | The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to… | |
CVE-2015-5962 | | 2015-08-08 | Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in… | |
CVE-2015-5961 | | 2015-08-08 | The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, whic… | |
CVE-2015-5960 | | 2015-08-08 | Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protection mechanism and access USB Mass Storage (UMS) media volume… | |
CVE-2015-4494 | | 2015-08-08 | Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensi… | |
CVE-2015-2745 | | 2015-08-08 | Multiple cross-site scripting (XSS) vulnerabilities in the Search app in Gaia in Mozilla Firefox OS before 2.2 allow remote attackers to inject arbitrary HTML… | |
CVE-2015-2744 | | 2015-08-08 | Cross-site scripting (XSS) vulnerability in the Search app in Gaia in Mozilla Firefox OS before 2.2 allows remote attackers to inject arbitrary HTML via a craf… |