PT-2014-4211 · Mozilla+1 · Firefox+1
Published
2014-03-19
·
Updated
2016-11-17
·
CVE-2014-1501
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Mozilla Firefox versions prior to 28.0 on Android
Description
The issue allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.
Recommendations
For Mozilla Firefox versions prior to 28.0 on Android, update to version 28.0 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Firefox
Suse