Unrated severityNVD Advisory· Published Mar 19, 2014· Updated Jun 17, 2026
CVE-2014-1507
CVE-2014-1507
Description
Directory traversal vulnerability in the DeviceStorage API in Mozilla FirefoxOS before 1.2.2 allows attackers to bypass the media sandbox protection mechanism, and read or modify arbitrary files, via a crafted application that uses a relative pathname for a DeviceStorageFile object.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:o:mozilla:firefoxos:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:mozilla:firefoxos:*:*:*:*:*:*:*:*range: <=1.2
- (no CPE)range: <1.2.2
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- www.mozilla.org/security/announce/2014/mfsa2014-25.htmlnvdVendor Advisory
- www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlnvdThird Party Advisory
- bugzilla.mozilla.org/show_bug.cginvdIssue Tracking
News mentions
0No linked articles in our index yet.