Hi,
We have recently discovered a series of vulnerabilities in Firefox for Android
that allows a malicious application to successfully derandomize
the Firefox profile directory name in a practical amount of time
and then leak sensitive data (such as cookies and cached
information) which reside in that directory, breaking Android's
sandbox:
The full analysis with exploitation techniques can be found in our whitepaper.
Important links:
-Roee