Critical Vulnerability Information

Vulnerability Overview

Vulnerability Type: Security Vulnerability - CrashReporter Path Traversal
CVE ID: CVE-2014-1506
Bugzilla ID: 944374

Affected Products and Components

Product: Firefox for Android
Component: General
Platform: x86_64 Android

Affected Versions:
- Firefox 28: fixed
- Firefox 29: fixed
- Firefox 30: fixed
- Firefox ESR 24: unaffected
- b2g-v1.3: fixed

Technical Details

Issue Description:
- Other applications installed on the device could invoke the CrashReporter intent using arbitrary file paths, potentially triggering malicious behavior.

Fixes Implemented:
- Reject minidump file paths that are not located within the application's data directory.
- Hardcode the server URL within the CrashReporter application to prevent accidental data submission to third parties.

Fix Status

Status: RESOLVED FIXED
Fix Commit: Related Code Commit Link

Reporting and Review

Reporter: Roe Haly
Fixer: Brian Nicholson (bnicholson)
Reviewer: Blassey Sylvestre

Attachments and Documentation

Whitepaper: firefoxleakage.pdf
Patch File: Alt fix: Don't export CrashReporter activity
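
The first fix listed under "Fixes Implemented" (reject minidump paths outside the application's data directory), sketched as an added example; it is not Mozilla's patch or code from the bug. The class name, method name and temp-directory layout are hypothetical, and the sample paths are constructed.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

public class MinidumpPathCheck {
    /** Returns the canonical minidump file if it lies inside dataDir, otherwise throws. */
    static File requireInsideDataDir(File dataDir, String untrustedPath) throws IOException {
        if (untrustedPath == null || untrustedPath.isEmpty()) {
            throw new SecurityException("no minidump path supplied");
        }
        // Canonicalize both sides so "..", "." and symlinks are resolved before comparing.
        File root = dataDir.getCanonicalFile();
        File candidate = new File(untrustedPath).getCanonicalFile();
        // Compare against root + separator: a bare startsWith(root) would also
        // accept a sibling directory such as "<root>_other/x.dmp".
        String prefix = root.getPath() + File.separator;
        if (!candidate.getPath().startsWith(prefix)) {
            throw new SecurityException("minidump path is outside the data directory");
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample layout in a temp directory; not real device paths.
        File base = Files.createTempDirectory("crashdemo").toFile();
        File dataDir = new File(base, "app_data");
        File sibling = new File(base, "app_data_other");
        new File(dataDir, "minidumps").mkdirs();
        sibling.mkdirs();

        String[] samples = {
            new File(dataDir, "minidumps/a.dmp").getPath(),             // inside
            new File(dataDir, "minidumps/../../outside.dmp").getPath(), // resolves outside
            new File(sibling, "b.dmp").getPath(),                       // prefix look-alike
            new File(base, "elsewhere.dmp").getPath()                   // plainly outside
        };
        for (String s : samples) {
            try {
                System.out.println("accept " + requireInsideDataDir(dataDir, s));
            } catch (SecurityException e) {
                System.out.println("reject " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

The check belongs at the point where the activity reads the path from the incoming intent, before any file is opened, moved or uploaded.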