Candidate: CVE-2014-1506
PublicDate: 2014-03-19 10:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1506
 http://www.mozilla.org/security/announce/2014/mfsa2014-24.html
Description:
 Directory traversal vulnerability in Android Crash Reporter in Mozilla
 Firefox before 28.0 on Android allows attackers to trigger the transmission
 of local files to arbitrary servers, or cause a denial of service
 (application crash), via a crafted application that specifies Android Crash
 Reporter arguments.
Ubuntu-Description: 
Notes: 
 chrisccoulson> Only affects Firefox on Android
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
CVSS: 

Patches_firefox:
upstream_firefox: released (28.0)
lucid_firefox: ignored (reached end-of-life)
precise_firefox: not-affected
quantal_firefox: not-affected
saucy_firefox: not-affected
devel_firefox: not-affected