Описание
Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| upstream | released | 20.0 |
Показывать по
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.
Mozilla Firefox before 20.0 on Android uses world-writable and world-r ...
Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.
EPSS
4.3 Medium
CVSS2