Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the app_tmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which app_tmp is used.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox 多个未明漏洞
Vulnerability Description
Mozilla Mozilla Firefox是美国Mozilla基金会开发的一款开源Web浏览器。 Android平台下的Mozilla Firefox 20.0之前版本中存在多个未明漏洞,该漏洞源于程序对本地文件系统中的app_tmp安装路径使用了全局可读和全局可写权限。当Firefox下载插件(add-ons)时,默认会保存到app_tmp目录下,这样攻击者就可以在用户安装插件之前将其修改木马或其他恶意程序诱使用户安装。
CVSS Information
N/A
Vulnerability Type
N/A