6 matches found
EUVD-2014-1583
Malware in sbrugna...
CVE-2014-1507
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object...
Directory traversal
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object...
CVE-2014-1507
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object...
CVE-2014-1507
The CVE-2014-1507 entry concerns Mozilla Firefox OS (DeviceStorage API) with a Directory Traversal affecting DeviceStorageFile objects. The vulnerability arises from using a relative pathname, enabling an attacker’s crafted app to bypass the media sandbox and read or modify arbitrary files. Affec...
Firefox OS DeviceStorageFile object vulnerable to relative path escape — Mozilla
Mozlla developer Ben Turner discovered that the protection against Directory Traversal through the DeviceStorage API was implemented in the wrong process on Firefox OS. If a Firefox OS application with any device-storage permissions were compromised an attacker could escape the media sandbox and...