CVE-2013-0798 : World read and write access to app_tmp directory on Android

[suzuki@xxxxxxxxxxxxxxx]

##############################################################
   Fourteenforty Research Institute, Inc. Security Advisory

   World read and write access to app_tmp directory
   on Firefox for Android

   2013/04/02
##############################################################

=== Summary ===
World read and write access to app_tmp directory
on Firefox for Android allows replacing Firefox add-ons.

=== Severity ===
Middle

=== Affected Products ===
Fireforx for Android before version 20

=== Potential Security Impact ===
Information leak
Information falsification

=== Solution ===
Update Firefox for Android

=== Detailed Description ===
The app_tmp directory is set to be world readable and 
writeable by Firefox for Android. This potentially allows
for third party applications to replace or alter Firefox
add-ons when downloaded because they are temporarily
stored in the app_tmp directory before installation. 

== Time Table ==
2013/02/22 The vulnerability was reported to Mozilla
2013/04/02 The fixed version of Firefox for Android was released

=== Credits ===
This vulnerability was discovered by Shuichiro Suzuki of Fourteenforty Research
Institute.

=== Reference ===
CVE No. : CVE-2013-0798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0798

Mozilla Foundation Security Advisory :
https://www.mozilla.org/security/announce/2013/mfsa2013-33.html

FFRI Advisory URL:
http://www.fourteenforty.jp/cgi-bin/advisory/advisory.cgi?type=release&id=FFRRA-20130402

=== About FFRI ===
Fourteenforty Research Institute (FFRI) is a leading security products
and service vendor in Japan providing innovative security software and
vulnerability research information. Our commitment is to secure our
IT-driven society by protecting information system from unpredictable
threats.

http://www.fourteenforty.jp
research-feedback@xxxxxxxxxxxxxxxx

=== Copyright ===
2007 - 2013 Fourteenforty Research Institute, Inc. All rights reserved.