Mozilla Foundation Security Advisory 2014-71

Profile directory file access through file: protocol

Announced
September 2, 2014
Reporter
Yu Dongsong
Impact
High
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 31.1
  • Firefox 32
  • SeaMonkey 2.29

Description

Security researcher Yu Dongsong reported on Firefox for Android that a file: protocol hyperlink could link to a local file in the Firefox profile directory, bypassing access restrictions. This issue was previously addressed in Mozilla Foundation Security Advisory 2014-33 but not completely.

This problem allows for profile data, such as cookies, to be copied to the SD card without prompting to the use. This SD card location is world readable leading to a potential information disclosure of files in the Firefox profile through a malicious application.

This issue only affects Firefox for Android.

References