• Security Center
  • Security Advisories
  • Known Vulnerabilities
  • Bug Bounty
  • Security Blog

You are here: Security Center > Mozilla Foundation Security Advisories > MFSA 2012-71

Mozilla Foundation Security Advisory 2012-71

Title: Insecure use of __android_log_print
Impact: High
Announced: August 28, 2012
Reporter: Blake Kaplan
Products: Firefox

Fixed in: Firefox 15

Description

Mozilla developer Blake Kaplan reported that __android_log_print is called insecurely in places. If a malicious web page used a dump() statement with a specially crafted string, it can trigger a potentially exploitable crash.

This vulnerability only affects Firefox for Android.

References

• Audit for incorrect uses of __android_log_print
• CVE-2012-3979