PT-2014-4212 · Mozilla · Firefox
Published
2014-03-19
·
Updated
2016-11-15
·
CVE-2014-1506
CVSS v2.0
6.4
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
Mozilla Firefox versions prior to 28.0 on Android
Description
A directory traversal issue in the Android Crash Reporter component allows attackers to trigger the transmission of local files to arbitrary servers or cause a denial of service by crashing the application. This can be achieved via a crafted application that specifies Android Crash Reporter arguments.
Recommendations
For versions prior to 28.0, update to version 28.0 or later to resolve the issue.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Firefox