CVE-2014-1507

Name of the Vulnerable Software and Affected Versions Mozilla FirefoxOS versions prior to 1.2.2

Description A directory traversal issue in the DeviceStorage API allows attackers to bypass the media sandbox protection mechanism. This enables them to read or modify arbitrary files by using a crafted application with a relative pathname for a DeviceStorageFile object.

Recommendations For versions prior to 1.2.2, update to version 1.2.2 or later to resolve the issue.