Lucene search

PRIOn knowledge basePRION:CVE-2014-1507

HistoryMar 19, 2014 - 10:55 a.m.

Directory traversal

2014-03-1910:55:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.4%

JSON

Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object.

CPENameOperatorVersion
firefoxosle1.2
solariseq11.3

CPE	Name	Operator	Version
	firefoxos	le	1.2
	solaris	eq	11.3

References

www.mozilla.org/security/announce/2014/mfsa2014-25.html

www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

bugzilla.mozilla.org/show_bug.cgi?id=940684

7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

71.4%

JSON

Related for PRION:CVE-2014-1507