Published: 07/01/2021 Updated: 12/01/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

When a malicious application installed on the user's device broadcast an Intent to Firefox for Android prior to 84.0, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation. This was resolved by only allowing certain safe-listed headers.

Vulnerable Product	Search on Vulmon	Subscribe to Product
mozilla firefox

Mozilla Foundation Security Advisory 2020-54 Security Vulnerabilities fixed in Firefox 84 Announced December 15, 2020 Impact critical Products Firefox Fixed in Firefox 84 ...

When a malicious application installed on the user's device broadcast an Intent to Firefox for Android before 840, arbitrary headers could have been specified, leading to attacks such as abusing ambient authority or session fixation This was resolved by only allowing certain safe-listed headers ...

NVD-CWE-noinfo https://www.mozilla.org/security/advisories/mfsa2020-54/https://bugzilla.mozilla.org/show_bug.cgi?id=1661071 https://nvd.nist.gov https://www.mozilla.org/en-US/security/advisories/mfsa2020-54/https://security.archlinux.org/CVE-2020-26975

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-26975

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect