CVE-2014-1484 — Sensitive Information Exposure in Mozilla Firefox

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.6%

top 29.63%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mozilla Firefox Opensuse Opensuse Project Opensuse +4 more

Timeline

PublishedFeb 6

Latest updateMay 14

Description

Mozilla Firefox before 27.0 on Android 4.2 and earlier creates system-log entries containing profile paths, which allows attackers to obtain sensitive information via a crafted application.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages7 packages

▶NVDmozilla/firefox26.0+197

▶NVDoracle/solaris11.3

▶NVDopensuse/opensuse13.1

▶NVDopensuse_project/opensuse12.3

▶NVDsuse/linux_enterprise_server11

🔴Vulnerability Details

GHSA

GHSA-4h9c-4pwm-cqmp: Mozilla Firefox before 27↗2022-05-14

▶

CVEList

CVE-2014-1484: Mozilla Firefox before 27↗2014-02-06

▶