Android Crash Reporter open to manipulation
- March 18, 2014
- Roee Hay
- Fixed in
- Firefox 28
Firefox for Android includes a Crash Reporter which sends crash data to Mozilla for analysis. Security researcher Roee Hay reported that third party Android applications could launch the crash reporter with their own arguments. Normally applications cannot read the private files of another application, but this vulnerability allowed a malicious application to specify a local file in the Firefox profile and it to its own server leading to information disclosure. The crash reporter can also be invoked in a manner causing an immediate crash of Firefox, leading to a potential denial of service (DOS) attack.