Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mozilla Firefox for Android 安全漏洞
Vulnerability Description
Mozilla Firefox是美国Mozilla基金会的一款开源Web浏览器。 Firefox for Android 存在安全漏洞,该漏洞源于如果在Android 6.0之前的版本中启用了通过USB进行远程调试的功能,那么不受信任的应用程序就可以连接到该功能,并使用浏览器的特权来读取web内容并与之交互。该特性是作为一个unix域套接字实现的,由Android SELinux策略保护;但是,SELinux在6.0之前的版本中并不强制执行。
CVSS Information
N/A
Vulnerability Type
N/A