Profile directory file access through file: protocol
- September 2, 2014
- Yu Dongsong
- Firefox, SeaMonkey
- Fixed in
- Firefox 31.1
- Firefox 32
- SeaMonkey 2.29
Security researcher Yu Dongsong reported on Firefox for
Android that a
file: protocol hyperlink could link to a local file
in the Firefox profile directory, bypassing access restrictions. This issue was
previously addressed in Mozilla
Foundation Security Advisory 2014-33 but not completely.
This problem allows for profile data, such as cookies, to be copied to the SD card without prompting to the use. This SD card location is world readable leading to a potential information disclosure of files in the Firefox profile through a malicious application.
This issue only affects Firefox for Android.