Mozilla Foundation Security Advisory 2014-24

Android Crash Reporter open to manipulation

Announced
March 18, 2014
Reporter
Roee Hay
Impact
Moderate
Products
Firefox
Fixed in
  • Firefox 28

Description

Firefox for Android includes a Crash Reporter which sends crash data to Mozilla for analysis. Security researcher Roee Hay reported that third-party Android applications could launch the crash reporter with their own arguments. Normally applications cannot read the private files of another application, but this vulnerability allowed a malicious application to specify a local file in the Firefox profile and have it sent to its own server, leading to information disclosure. The crash reporter can also be invoked in a manner causing an immediate crash of Firefox, leading to a potential denial of service (DoS) attack.
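The two defensive checks this class of bug calls for, as an added illustration that is not Firefox's own code: the crash-reporter component is kept private to the app (android:exported="false" in the manifest), and the file path passed in the intent is only accepted if it resolves inside the app's own crash-dump directory, with rejection handled by exiting quietly rather than crashing. The class, the extra name dumpPath and the dump directory layout are assumptions for the example.

```java
import android.app.Activity;
import android.content.Intent;
import android.os.Bundle;
import java.io.File;
import java.io.IOException;

// Hypothetical hardened crash-reporter entry point (example code, not Firefox's).
// First layer: declare it in AndroidManifest.xml with android:exported="false"
// so other applications cannot start it at all.
// Second layer (below): never trust the path argument even if the component is reached.
public class CrashReporterActivity extends Activity {
    // Constructed name for the intent extra carrying the minidump path.
    static final String EXTRA_DUMP_PATH = "dumpPath";

    // Returns the dump file to upload, or null if the requested path is not a
    // regular .dmp file inside dumpsDir. getCanonicalFile() resolves ".." segments
    // and symlinks, so a path that points into the rest of the profile is refused.
    static File resolveDump(File dumpsDir, String requested) throws IOException {
        if (requested == null || requested.isEmpty()) {
            return null;
        }
        String root = dumpsDir.getCanonicalPath() + File.separator;
        File candidate = new File(requested).getCanonicalFile();
        if (!candidate.getPath().startsWith(root)) {
            return null;                       // outside the crash-dump directory
        }
        if (!candidate.isFile() || !candidate.getName().endsWith(".dmp")) {
            return null;                       // not a minidump
        }
        return candidate;
    }

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        Intent intent = getIntent();
        // Assumed layout: minidumps live under <files>/crash-dumps in app-private storage.
        File dumpsDir = new File(getFilesDir(), "crash-dumps");
        File dump = null;
        try {
            dump = resolveDump(dumpsDir, intent.getStringExtra(EXTRA_DUMP_PATH));
        } catch (IOException ignored) {
            // fall through: treat an unresolvable path like a rejected one
        }
        if (dump == null) {
            finish();                          // refuse quietly instead of throwing (avoids the DoS)
            return;
        }
        // ... read and submit `dump` only; anything else in the profile stays private.
    }
}
```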

References