Search for packages
| purl | pkg:mozilla/Firefox%20OS@2.5.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-1a1c-ps4h-9yge | Shally Li was first to report a race condition in the lockscreen of Firefox OS that can be used to bypass the passcode lock of a Firefox OS device. Under certain circumstances on a locked device, the user will be dropped directly to the homescreen instead of being presented with the passcode input dialog. |
CVE-2015-8511
|
| VCID-2rn3-ydxb-5ugu | Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. |
CVE-2015-4477
|
| VCID-2v2n-95e7-d7gw | Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. |
CVE-2015-7210
|
| VCID-357y-8gzv-pqcr | Mozilla fixed a bug in the l10n localization of the default homescreen app of Firefox OS reported by security researcher Muneaki Nishimura. Exploiting this issue requires tricking the user into bookmarking a specially crafted web page via the 'Add to home screen' functionality. As a result, an iframe controlled by the attacker would be executed with homescreen privileges, potentially leading to further system compromise. |
CVE-2015-8510
|
| VCID-6f4h-mcwj-nkd6 | Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. |
CVE-2015-7201
|
| VCID-6kac-5ery-wuew | Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. |
CVE-2015-4473
|
| VCID-7rmg-2u67-kqf3 | security update |
CVE-2015-4509
|
| VCID-88kb-em1q-77gc | security update |
CVE-2015-4500
|
| VCID-9p7y-4cfe-ffag | Security researcher Spandan Veggalam reported a crash while using the debugger API with SavedStacks in JavaScript. This crash can only occurs when the debugger is in use but may be potentially exploitable. |
CVE-2015-4507
|
| VCID-h6wt-azn4-mqfn | Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. |
CVE-2015-7205
|
| VCID-kare-ffhq-93dc | Security researcher André Bargull reported that when a web page creates a scripted proxy for the window with a handler defined a certain way, a reference to the inner window will be passed, rather than that of the outer window in violation of the specification. |
CVE-2015-4502
|
| VCID-kuqd-a9t3-vyam | Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. |
CVE-2015-7193
|
| VCID-nega-51gt-hqfd | Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. |
CVE-2015-4482
|
| VCID-pbzg-cqa6-yba5 | Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. |
CVE-2015-7214
|
| VCID-s76d-pjvk-63cr | Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. |
CVE-2015-4485
|
| VCID-sz8x-vmck-6yc5 | security update |
CVE-2015-4519
|
| VCID-teza-m5kj-s7ac | Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. |
CVE-2015-4492
|
| VCID-tsmv-w2tb-hyht | Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. |
CVE-2015-4487
|
| VCID-ueke-9crt-qybh | Multiple vulnerabilities have been found in Firefox, Thunderbird, Network Security Services (NSS), and NetScape Portable Runtime (NSPR) with the worst of which may allow remote execution of arbitrary code. |
CVE-2015-4475
|
| VCID-v213-2wvj-effu | Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. |
CVE-2015-7218
|
| VCID-vs2t-gwzk-6ubt | security update |
CVE-2015-4517
|
| VCID-y4jx-5cgd-kbbp | security update |
CVE-2015-4520
|
| VCID-zhyg-avrd-z7gu | Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. |
CVE-2015-4513
|
| VCID-zzg5-jcyr-xycc | Frederik Braun of Mozilla discovered a bug in the lockscreen state logic that allows an attacker to bypass the lockscreen delay. The delay was introduced to make it harder to brute-force the passcode lock of a Firefox OS device when an attacker has gained physical access. A successful attack would render that tar-pitting mechanism ineffective. |
CVE-2015-8512
|