Rewterz Threat Alert – APT C-35 Targeting Pakistani Organizations
June 26, 2020Rewterz Threat Advisory – CVE-2020-11996 – Apache Tomcat denial of service Vulnerability
June 29, 2020Rewterz Threat Alert – APT C-35 Targeting Pakistani Organizations
June 26, 2020Rewterz Threat Advisory – CVE-2020-11996 – Apache Tomcat denial of service Vulnerability
June 29, 2020Severity
Medium
Analysis Summary
Mozilla Firefox for iOS could provide weaker than expected security. The IndexedDB is not cleared when leaving private browsing mode, caused by the failure to use the API for WKWebViewConfiguration and the requirement of the private instance of this object be deleted when leaving private mode. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to launch further attacks on the system.
Impact
Bypass Security
Affected Vendors
Mozilla
Affected Products
Mozilla Firefox for iOS 26
Remediation
Update to latest version of IOS for Firefox 27.