CVE-2015-5961

CVE Database · CVE-2015-5961

CVE-2015-5961

· N/AModified

CVSS v3.1

N/A

EPSS

0.38%

Published

Aug 7, 2015

Modified

May 6, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content from an external web server URL into the System process, which allows man-in-the-middle attackers to bypass intended access restrictions by spoofing that server.

Weaknesses (CWE)

CWE-264

Affected Products (1)

mozilla · firefox_osvulnerable

References (6)

http://www.mozilla.org/security/announce/2015/mfsa2015-75.html

http://www.securityfocus.com/bid/76255

https://bugzilla.mozilla.org/show_bug.cgi?id=1123433

Vendor Advisory

http://www.mozilla.org/security/announce/2015/mfsa2015-75.html

http://www.securityfocus.com/bid/76255

https://bugzilla.mozilla.org/show_bug.cgi?id=1123433

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs