Описание
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). Note: This issue only affected Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox ESR < 68.11.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | |
| devel | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | not-affected | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | not-affected | debian: Android specific |
| xenial | not-affected |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
Given an installed malicious file picker application, an attacker was ...
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
Уязвимость браузера Firefox ESR для операционных систем Android, связанная с небезопасным управлением привилегиями, позволяющая нарушителю оказать воздействие на целостность защищаемой информации
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3