CVE-2014-1516 in Firefox
Riassunto
di MITRE
The saltProfileName function in base/GeckoProfileDirectories.java in Mozilla Firefox through 28.0.1 on Android relies on Android's weak approach to seeding the Math.random function, which makes it easier for attackers to bypass a profile-randomization protection mechanism via a crafted application.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.