Описание
The saltProfileName function in base/GeckoProfileDirectories.java in Mozilla Firefox through 28.0.1 on Android relies on Android's weak approach to seeding the Math.random function, which makes it easier for attackers to bypass a profile-randomization protection mechanism via a crafted application.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 28.0.1 (включая)
Одновременно
cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00151
Низкий
5 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
debian
почти 12 лет назад
The saltProfileName function in base/GeckoProfileDirectories.java in M ...
github
больше 3 лет назад
The saltProfileName function in base/GeckoProfileDirectories.java in Mozilla Firefox through 28.0.1 on Android relies on Android's weak approach to seeding the Math.random function, which makes it easier for attackers to bypass a profile-randomization protection mechanism via a crafted application.
EPSS
Процентиль: 36%
0.00151
Низкий
5 Medium
CVSS2
Дефекты
CWE-264