Test ID:	1.3.6.1.4.1.25623.1.2.1.2014.33
Category:	General
Title:	Mozilla Firefox Security Advisory (MFSA2014-33) - Deprecated
Summary:	This host is missing a security update for Mozilla Firefox.;; This VT has been deprecated and is therefore no longer functional.
Description:	Summary: This host is missing a security update for Mozilla Firefox. This VT has been deprecated and is therefore no longer functional. Vulnerability Insight: File: protocol links downloaded to SD card by default Security researcher Roee Hay reported that a hyperlink using the file: protocol on Firefox for Android could link to a local file in the Firefox profile directory. If a user selected this link on their device, the linked file would be copied to the SD card without prompting. This SD card location is world readable leading to a potential information disclosure of files in the Firefox profile through a malicious application. Affected Software/OS: Firefox version(s) below 28.0.1. Solution: The vendor has released an update. Please see the reference(s) for more information. CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-1515 Bugtraq: 20140326 Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516) (Google Search) http://archives.neohapsis.com/archives/bugtraq/2014-03/0153.html
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.