Mozilla Foundation Security Advisory 2015-124

Android intents can be used on Firefox for Android to open privileged files

Announced
November 3, 2015
Reporter
Muneaki Nishimura
Impact
Moderate
Products
Firefox
Fixed in
  • Firefox 42

Description

Security researcher Muneaki Nishimura reported that on Firefox for Android, a search engine can be registered and used to launch Firefox through an Android intent. When Firefox for Android is launched, the URL can executed with Firefox's system privileges if the crash reporter is used. This allows for the reading of local log files within Firefox, potentially leaking private information, and the loading of local HTML files through file: URIs.

This issue only affects Firefox for Android on Android 4.4 or earlier. It does not affect more recent versions of Android except for causing a non-exploitable crash. Firefox on other operating systems is not affected.

References