4 matches found
Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516)
Hi, We have recently discovered a series of vulnerabilities in Firefox for Android that allows a malicious application to successfully derandomize the Firefox profile directory name in a practical amount of time and then leak sensitive data such as cookies and cached information which reside in...
Mozilla Firefox for Android < 28.0.1 Multiple Vulnerabilities
Binary data 8175.prm...
CVE-2014-1515
CVE-2014-1515 affects Mozilla Firefox for Android prior to 28.0.1. It occurs when processing a file: URL by copying a local file to the SD card, allowing an attacker with a crafted application to read sensitive data from the Firefox profile directory. CVSSv2 base score 1.9 (LOW) with LOCAL access...
Fedora 19 : firefox-27.0-1.fc19 / xulrunner-27.0-1.fc19 (2014-2051)
See following page for changes: http://www.mozilla.org/en-US/firefox/27.0/releasenotes/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...