Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)

Hi, We have recently discovered a series of vulnerabilities in Firefox for Android that allows a malicious application to successfully derandomize the Firefox profile directory name in a practical amount of time and then leak sensitive data such as cookies and cached information which reside in...