CVE-2014-1506Path Traversal in Mozilla Firefox

CWE-22Path Traversal3 documents3 sources
Severity
6.4MEDIUMNVD
EPSS
1.5%
top 18.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mozilla FirefoxOracle Solaris
Timeline
PublishedMar 19
Latest updateMay 17

Description

Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 28.0 on Android allows attackers to trigger the transmission of local files to arbitrary servers, or cause a denial of service (application crash), via a crafted application that specifies Android Crash Reporter arguments.

CVSS vector

AV:N/AC:L/C:P/I:N/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

NVDmozilla/firefox27.0.1+199
NVDoracle/solaris11.3

🔴Vulnerability Details

1
GHSA
GHSA-g42h-f457-2q4g: Directory traversal vulnerability in Android Crash Reporter in Mozilla Firefox before 282022-05-17

💬Community

1
Bugzilla
CVE-2014-2669 postgresql: multiple integer overflows in hstore_io.c2014-03-28
CVE-2014-1506 — Path Traversal in Mozilla Firefox | cvebase