Computer Security
[EN] securityvulns.ru no-pyccku


Firefox for Android weak permissions
Published:15.04.2013
Source:
SecurityVulns ID:13014
Type:local
Threat Level:
3/10
Description:Weak app_tmp permissions allows to overwrite addons.
Affected:MOZILLA : Firefox 19.0
CVE:CVE-2013-0798 (Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.)
Original documentdocumentsuzuki_(at)_foureenforty.jp, CVE-2013-0798 : World read and write access to app_tmp directory on Android (15.04.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod