Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Wifi direct system messages don't require a permission

Related Vulnerabilities: CVE-2015-4494  

Source

Mozilla Foundation Security Advisory 2015-76

Wifi direct system messages don't require a permission

Announced
August 6, 2015
Reporter
Paul Theriault
Impact
Low
Products
Firefox OS
Fixed in
  • Firefox OS 2.2

Description

Paul Theriault of Mozilla discovered a privacy issue with a WiFi-related system message that wasn't properly restricted to apps with the "wifi-manage" permission. As a result, even unprivileged apps could have received those messages, allowing them to extract limited information from a vulnerable Firefox OS device under certain rare conditions.

References

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started