Mozilla Firefox CVE-2013-0798 Weak Authentication Vulnerability
Description
Security researcher Shuichiro Suzuki of the Fourteenforty Research Institute reported the app_tmp directory is set to be world readable and writeable by Firefox for Android. This potentially allows for third party applications to replace or alter Firefox add-ons when downloaded because they are temporarily stored in the app_tmp directory before installation.
Affected Applications
Firefox