Mozilla Firefox for Android < 32 / 31.1 'file:' Protocol Directory Access
Low Nessus Network Monitor Plugin ID 8372
SynopsisThe remote Android host was detected using an outdated version of Mozilla Firefox.
DescriptionVersions of Mozilla Firefox older than 32 (or 31.1) contain an information disclosure vulnerability wherein a file: protocol hyperlink could link to a local file in the Firefox profile directory, bypassing access restrictions. This issue was only incompletely addressed by a previous version but has since been more fully patched.
SolutionUpgrade to Mozilla Firefox for Android, versions 32 or 31.1 or later, from the Google Play app store.