4.3
CVSSv2

CVE-2015-7185

Published: 05/11/2015 Updated: 07/12/2016
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Mozilla Firefox prior to 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.

Affected Products

Vendor Product Versions
MozillaFirefox41.0.2

Vendor Advisories

Firefox for Android addressbar can be removed after fullscreen mode Announced November 3, 2015 Reporter Jordi Chancel Impact Moderate Products Firefox Fixed in ...
Oracle Solaris Third Party Bulletin - April 2016 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Upda ...