Описание
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 68.11.
Ссылки
- Issue Tracking
- Vendor Advisory
- Issue Tracking
- Vendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
Given an installed malicious file picker application, an attacker was ...
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
Уязвимость браузера Firefox ESR для операционных систем Android, связанная с небезопасным управлением привилегиями, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
EPSS
5.5 Medium
CVSS3
4.3 Medium
CVSS2