2 matches found
CVE-2014-1507
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object...
CVE-2014-1507
The CVE-2014-1507 entry concerns Mozilla Firefox OS (DeviceStorage API) with a Directory Traversal affecting DeviceStorageFile objects. The vulnerability arises from using a relative pathname, enabling an attacker’s crafted app to bypass the media sandbox and read or modify arbitrary files. Affec...