6 matches found
CVE-2020-26975
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. Note: This...
SUSE CVE-2020-26975
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. Note: This...
CVE-2020-26975
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. Note: This...
CVE-2020-26975
When a malicious application installed on the user's device broadcast an Intent to Firefox for Android, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers. Note: This...
CVE-2020-26975
CVE-2020-26975 concerns Mozilla Firefox for Android. A malicious app that broadcasts an Intent to Firefox for Android could specify arbitrary headers, enabling attacks such as ambient authority abuse or session fixation. The issue is limited to Firefox for Android; other OSes are unaffected, and ...
Mozilla Firefox < 84.0
The version of Firefox installed on the remote Windows host is prior to 84.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2020-54 advisory. - The lifecycle of IPC Actors allows managed actors to outlive their manager actors; and the former must ensure that they...