2 matches found
CVE-2017-7759
Firefox for Android prior to version 54 is affected by CVE-2017-7759, where Android intent URLs can cause navigation from HTTP/HTTPS to local file: URLs, potentially exposing local data due to a same-origin policy violation. The issue is fixed in Firefox 54 (as noted in mfsa2017-15). Affected pro...
CVE-2017-7759
Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local "file:" URLs, allowing for the reading of local data through a violation of same-origin policy. Note: This attack only affects Firefox for Android. Other operating systems are not affected...