Permission Issues
CVE-2016-5299
Summary
A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
CWE-275 - Permission Issues
Weaknesses in this category are related to improper assignment or handling of permissions.
References
Advisory Timeline
- Published