Vulnerability allows hackers to access both the contents of the SD card and the browser's private data. Vulnerability is not exploitable if victim do not install a malicious app on his mobile device or do not open in the vulnerable Android Firefox browser a locally stored HTML file that includes the malicous Javascript code. Vulnerability was patched in Firefox 24 for Android, that was released on September 17, 2013.