Mozilla Firefox prior to 31.1 on Android does not properly restrict copying of local files onto the SD card during processing of file: URLs, which allows malicious users to obtain sensitive information from the Firefox profile directory via a crafted application. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1515.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox 30.0 |
||
mozilla firefox |