Mozilla Firefox before 46.0 on Android before 5.0 allows attackers to bypass intended Signature access requirements via a crafted application that leverages content-provider permissions, as demonstrated by reading the browser history or a saved password.
2016-04-30T17:59:07.350
2025-04-12T10:46:40.837
Deferred
CVSSv3.0: 5.0 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:N/A:N
8.6
2.9
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | android | ≤ 4.4.4 | No | |
Application | mozilla | firefox | ≤ 45.0.2 | Yes |