[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Mozilla Products: Shared object library loading from writable location - mfsa2013-87

ID: oval:org.secpod.oval:def:16382Date: (C)2013-12-30   (M)2023-11-18
Class: PATCHFamily: macos




Mozilla developer Vladimir Vukicevic reported that Firefox for Android will optionally load a shared object (.so) library in order to enable GL tracing. When this is occurs, it can be from a world writable location, allowing for it to be replaced by malicious third party applications before it is loaded by Firefox. This would allow for accessing of all Firefox data or for malicious code to be run by Firefox. This flaw requires malicious software to be loaded on the device and is not accessible by web content.

Platform:
Apple Mac OS 14
Apple Mac OS 13
Apple Mac OS 12
Apple Mac OS 11
Apple Mac OS X 10.15
Apple Mac OS X 10.14
Apple Mac OS X 10.13
Apple Mac OS X 10.11
Apple Mac OS X 10.12
Product:
Mozilla Firefox
Reference:
MFSA 2013-87
CVE-2013-1731
CVE    1
CVE-2013-1731
CPE    9
cpe:/a:mozilla:firefox:23.0
cpe:/a:mozilla:firefox:21.0
cpe:/a:mozilla:firefox:22.0
cpe:/a:mozilla:firefox:20.0
...

© SecPod Technologies