Bagder

**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox (aka Fennec) versions prior to 37.0 on Android **Description** The issue is related to the PRNG implementation in the DNS resolver, which does not generate random numbers correctly for query ID values and UDP source ports. This makes it easier for remote attackers to spoof DNS responses by guessing these numbers. **Recommendations** For Mozilla Firefox (aka Fennec) versions prior to 37.0 on Android, update to version 37.0 or later to resolve the issue.