3 matches found
Mozilla Firefox lightweight theme installation allows bypass vulnerability
Mozilla Firefox is a web browser released by Mozilla. A security vulnerability exists in Mozilla Firefox that allows a man-in-the-middle attacker to spoof Moziall subdomains to bypass user consent information to install Firefox lightweight themes...
Design/Logic Flaw
The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding opt parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scop...
CVE-2014-7922
The GoogleAuthUtil.getToken method in the Google Play services SDK before 2015 sets parameters in OAuth token requests upon finding a corresponding opt parameter in the Bundle extras argument, which allows attackers to bypass an intended consent dialog and retrieve tokens for arbitrary OAuth scop...