Mozilla Foundation Security Advisory 2015-124
Android intents can be used on Firefox for Android to open privileged files
- Announced: November 3, 2015
- Reporter: Muneaki Nishimura
- Impact: Moderate
- Products: Firefox
- Fixed in: Firefox 42
Description
Security researcher Muneaki Nishimura reported that on Firefox for
Android, a search engine can be registered and used to launch Firefox through an Android
intent. When Firefox for Android is launched, the URL can be executed with Firefox's
system privileges if the crash reporter is used. This allows for the reading of local log
files within Firefox, potentially leaking private information, and the loading of local
HTML files through file: URIs.
This issue only affects Firefox for Android on Android 4.4 or earlier. It does not affect more recent versions of Android except for causing a non-exploitable crash. Firefox on other operating systems is not affected.