Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox OS 权限许可和访问控制漏洞
Vulnerability Description
Mozilla Firefox OS是美国Mozilla基金会的一套基于Linux内核并应用于智能手机和平板电脑中的移动操作系统。 Mozilla Firefox OS 2.2之前版本的Accounts设置对话框中的COPPA错误页面存在安全漏洞,该漏洞源于程序从外网服务器URL向System进程中嵌入内容。攻击者可通过欺骗该服务器利用该漏洞执行中间人攻击,绕过既定的访问限制。
CVSS Information
N/A
Vulnerability Type
N/A