Insecure use of __android_log_print
- August 28, 2012
- Blake Kaplan
- Fixed in
- Firefox 15
Mozilla developer Blake Kaplan reported that __android_log_print is called insecurely in places. If a malicious web page used a dump() statement with a specially crafted string, it can trigger a potentially exploitable crash.
This vulnerability only affects Firefox for Android.