virus logo FortiClient Vulnerability

Mozilla Firefox CVE-2015-0798 Weak Authentication Vulnerability

description-logoDescription

Security researcher Armin Razmdjou reported a flaw in Reader mode on Firefox for Android. Reader mode reformats web content for easy readability and operates as unprivileged content that is the equivalent of the formatted content. When Reader mode is unable to process content, it displays the original web pages. Since it is unprivileged, there are no restrictions on pages linking to or framing Reader mode content. The reported flaw is that privileged URLs can be passed to Reader mode and bypass the normal restrictions that prevent web pages from obtaining references to privileged contexts. If this issue was combined with another flaw that allowed for a violation of the same-origin policy, then the resulting combination could lead to arbitrary code execution.

affected-products-logoAffected Applications

Firefox

CVE References

CVE-2015-0798

Other References

https://www.mozilla.org/en-US/security/advisories/mfsa2015-43
ID 21131
Created Jul 11, 2018
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Mozilla
Patch auto
Application Firefox