Mozilla : Security Vulnerabilities, CVEs, Published In March 2014 (Directory traversal)
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object.
Max CVSS
9.3
EPSS Score
0.35%
Published
2014-03-19
Updated
2016-11-15
Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments.
Max CVSS
6.4
EPSS Score
0.42%
Published
2014-03-19
Updated
2016-11-15
2 vulnerabilities found