Quote:Mozilla recently disclosed numerous security bugs in their Firefox browser. These include several RCE vulnerabilities in Firefox and Firefox ESR.


In the case of Firefox, the most important bug was a high-severity flaw CVE-2020-6821 leading to information disclosure.

Firefox ESR also exhibited two high-severity flaws affecting Android devices. The first of these CVE-2020-6828 was an Android takeover bug. Regarding this vulnerability, Mozilla explains in its advisory,

A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user’s profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary malicious preference values. Control of arbitrary preferences can lead to sufficient compromise such that it is generally equivalent to arbitrary code execution.

When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firefox for Android could be tricked into displaying the incorrect URI.