Systems Affected
Firefox 8.0, 9.0, 10.0, 11.0, 12.0, 13.0, 14.0, 15.0, 16.0, 17.0, 18.0, 19.0, 20.0, 21.0, 22.0, 23.0, 24.0 Versions
Threat Level
High
Overview
An attacker could steal sensitive information from your iOS devices.
Description
The vulnerability exists in Firefox due to the improper usage of token handling for native-to-JS bridging. An attacker could exploit a user just by sending a maliciously crafted executable application to open.
Impact
✻ Exposure of your sensitive information
✻ Financial loss
Solution/ Workarounds
✻ Apply the appropriate fix recommended by the Mozilla security advisory
https://www.mozilla.org/en-US/security/advisories/mfsa2020-15/
References
✻ https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2020-0132
✻ https://www.mozilla.org/en-US/security/advisories/mfsa2020-15/
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.