Описание
Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одновременно
Одно из
EPSS
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515.
Mozilla Firefox before 31.1 on Android does not properly restrict copy ...
Mozilla Firefox before 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows attackers to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515.
EPSS
4.3 Medium
CVSS2