Mozilla : Security Vulnerabilities, CVEs, Published In 2014 (Directory traversal) CVSS score >= 6
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object.
Max CVSS
9.3
EPSS Score
0.35%
Published
2014-03-19
Updated
2016-11-15
Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments.
Max CVSS
6.4
EPSS Score
0.42%
Published
2014-03-19
Updated
2016-11-15
2 vulnerabilities found