Published: 19/03/2014 Updated: 17/11/2016

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Mozilla Firefox prior to 28.0 on Android allows remote malicious users to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the "Open Link in New Tab" menu selection.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle solaris 11.3
mozilla firefox 0.10
mozilla firefox 0.2
mozilla firefox 0.7.1
mozilla firefox 0.9
mozilla firefox 1.0.1
mozilla firefox 1.0.3
mozilla firefox 1.0.8
mozilla firefox 1.5
mozilla firefox 1.5.0.1
mozilla firefox 1.5.0.3
mozilla firefox 1.5.0.5
mozilla firefox 1.5.3
mozilla firefox 1.5.5
mozilla firefox 2.0.0.1
mozilla firefox 2.0.0.11
mozilla firefox 2.0.0.13
mozilla firefox 2.0.0.18
mozilla firefox 2.0.0.2
mozilla firefox 2.0.0.8
mozilla firefox 3.0.19
mozilla firefox 3.0.11
mozilla firefox 3.0.13
mozilla firefox 3.0.15
mozilla firefox 3.0.4
mozilla firefox 3.0.6
mozilla firefox 3.5.19
mozilla firefox 3.5.1
mozilla firefox 3.5.2
mozilla firefox 3.5.4
mozilla firefox 3.5.9
mozilla firefox 3.6.27
mozilla firefox 3.6.14
mozilla firefox 3.6.16
mozilla firefox 3.6.22
mozilla firefox 3.6.24
mozilla firefox 3.6.7
mozilla firefox 3.6.9
mozilla firefox 4.0
mozilla firefox 5.0
mozilla firefox 6.0.1
mozilla firefox 8.0
mozilla firefox 9.0
mozilla firefox 10.0.9
mozilla firefox 10.0.7
mozilla firefox 12.0
mozilla firefox 13.0
mozilla firefox 16.0
mozilla firefox 16.0.2
mozilla firefox 17.0.5
mozilla firefox 17.0.3
mozilla firefox 19.0
mozilla firefox 20.0
mozilla firefox 23.0
mozilla firefox 24.0
mozilla firefox
mozilla firefox 27.0
mozilla firefox 26.0
mozilla firefox 0.1
mozilla firefox 0.9.1
mozilla firefox 0.9.2
mozilla firefox 0.9.3
mozilla firefox 1.0
mozilla firefox 1.5.0.10
mozilla firefox 1.5.0.11
mozilla firefox 1.5.0.12
mozilla firefox 1.5.0.2
mozilla firefox 1.5.6
mozilla firefox 1.5.7
mozilla firefox 1.5.8
mozilla firefox 2.0
mozilla firefox 2.0.0.3
mozilla firefox 2.0.0.4
mozilla firefox 2.0.0.5
mozilla firefox 2.0.0.6
mozilla firefox 3.0.16
mozilla firefox 3.0.17
mozilla firefox 3.0.2
mozilla firefox 3.0.3
mozilla firefox 3.5.10
mozilla firefox 3.5.11
mozilla firefox 3.5.12
mozilla firefox 3.5.13
mozilla firefox 3.5.14
mozilla firefox 3.6
mozilla firefox 3.6.10
mozilla firefox 3.6.11
mozilla firefox 3.6.12
mozilla firefox 3.6.25
mozilla firefox 3.6.3
mozilla firefox 3.6.4
mozilla firefox 3.6.6
mozilla firefox 10.0.1
mozilla firefox 10.0.2
mozilla firefox 10.0.12
mozilla firefox 10.0.11
mozilla firefox 14.0
mozilla firefox 14.0.1
mozilla firefox 15.0
mozilla firefox 15.0.1
mozilla firefox 18.0.2
mozilla firefox 18.0.1
mozilla firefox 18.0
mozilla firefox 19.0.2
mozilla firefox 0.4
mozilla firefox 0.5
mozilla firefox 0.6
mozilla firefox 0.6.1
mozilla firefox 0.7
mozilla firefox 1.0.4
mozilla firefox 1.0.5
mozilla firefox 1.0.6
mozilla firefox 1.0.7
mozilla firefox 1.5.0.7
mozilla firefox 1.5.0.8
mozilla firefox 1.5.0.9
mozilla firefox 1.5.1
mozilla firefox 2.0.0.14
mozilla firefox 2.0.0.15
mozilla firefox 2.0.0.16
mozilla firefox 2.0.0.17
mozilla firefox 3.0.18
mozilla firefox 3.0
mozilla firefox 3.0.1
mozilla firefox 3.0.10
mozilla firefox 3.0.8
mozilla firefox 3.0.9
mozilla firefox 3.5.16
mozilla firefox 3.5.17
mozilla firefox 3.5.5
mozilla firefox 3.5.6
mozilla firefox 3.5.7
mozilla firefox 3.5.8
mozilla firefox 3.6.17
mozilla firefox 3.6.18
mozilla firefox 3.6.19
mozilla firefox 3.6.2
mozilla firefox 3.6.20
mozilla firefox 6.0.2
mozilla firefox 7.0.1
mozilla firefox 7.0
mozilla firefox 8.0.1
mozilla firefox 10.0.5
mozilla firefox 10.0.4
mozilla firefox 10.0.3
mozilla firefox 11.0
mozilla firefox 17.0.10
mozilla firefox 17.0.9
mozilla firefox 17.0.8
mozilla firefox 17.0.7
mozilla firefox 21.0
mozilla firefox 25.0.1
mozilla firefox 24.1.1
mozilla firefox 23.0.1
mozilla firefox 0.10.1
mozilla firefox 0.3
mozilla firefox 0.8
mozilla firefox 1.0.2
mozilla firefox 1.5.0.4
mozilla firefox 1.5.0.6
mozilla firefox 1.5.2
mozilla firefox 1.5.4
mozilla firefox 2.0.0.10
mozilla firefox 2.0.0.12
mozilla firefox 2.0.0.19
mozilla firefox 2.0.0.20
mozilla firefox 2.0.0.7
mozilla firefox 2.0.0.9
mozilla firefox 3.0.12
mozilla firefox 3.0.14
mozilla firefox 3.0.5
mozilla firefox 3.0.7
mozilla firefox 3.5.18
mozilla firefox 3.5
mozilla firefox 3.5.15
mozilla firefox 3.5.3
mozilla firefox 3.6.28
mozilla firefox 3.6.26
mozilla firefox 3.6.13
mozilla firefox 3.6.15
mozilla firefox 3.6.21
mozilla firefox 3.6.23
mozilla firefox 3.6.8
mozilla firefox 4.0.1
mozilla firefox 5.0.1
mozilla firefox 6.0
mozilla firefox 9.0.1
mozilla firefox 10.0
mozilla firefox 10.0.10
mozilla firefox 10.0.8
mozilla firefox 10.0.6
mozilla firefox 13.0.1
mozilla firefox 16.0.1
mozilla firefox 17.0.11
mozilla firefox 17.0.6
mozilla firefox 17.0.4
mozilla firefox 17.0.2
mozilla firefox 19.0.1
mozilla firefox 20.0.1
mozilla firefox 24.1
mozilla firefox 25.0
suse linux enterprise server 11
suse linux enterprise software development kit 11
suse linux enterprise desktop 11

Mozilla Foundation Security Advisory 2014-21 Local file access via Open Link in new tab Announced March 18, 2014 Reporter Alex Inführ Impact Moderate Products Firefox Fixed in Fir ...

CWE-264 http://www.mozilla.org/security/announce/2014/mfsa2014-21.html https://bugzilla.mozilla.org/show_bug.cgi?id=960135 http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://nvd.nist.gov https://www.mozilla.org/en-US/security/advisories/mfsa2014-21/

Get Started

CVE-2014-1501

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect