EUVD-2014-1583

Malware in sbrugna...

Directory traversal

Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object...

CVE-2014-1507

The CVE-2014-1507 entry concerns Mozilla Firefox OS (DeviceStorage API) with a Directory Traversal affecting DeviceStorageFile objects. The vulnerability arises from using a relative pathname, enabling an attacker’s crafted app to bypass the media sandbox and read or modify arbitrary files. Affec...

CVE-2014-1507

Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object...

Mozilla Drops Second Beta of Persona Privacy System

Mozilla has pushed out the second beta version of its Persona authentication system . The move is the latest step in the company’s campaign to rid the Web of passwords and make it easier for consumers to log on to sites regardless of the browser they’re using. The goal of Persona is that it will...