Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS prior to 1.2.2 allows malicious users to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle solaris 11.3 |
||
mozilla firefoxos |