Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-wcst-1mfp-27cb
Summary
Firefox for Android includes a Crash Reporter which sends crash data to
Mozilla for analysis. Security researcher Roee Hay reported
that third party Android applications could launch the crash reporter with their
own arguments. Normally applications cannot read the private files of another
application, but this vulnerability allowed a malicious application to specify a
local file in the Firefox profile and it to its own server leading to
information disclosure. The crash reporter can also be invoked in a manner
causing an immediate crash of Firefox, leading to a potential denial of service
(DOS) attack.
Aliases
0
alias CVE-2014-1506
Fixed_packages
0
url pkg:mozilla/Firefox@28.0.0
purl pkg:mozilla/Firefox@28.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:mozilla/Firefox@28.0.0
Affected_packages
References
0
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1506
reference_id CVE-2014-1506
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1506
1
reference_url https://www.mozilla.org/en-US/security/advisories/mfsa2014-24
reference_id mfsa2014-24
reference_type
scores
0
value none
scoring_system generic_textual
scoring_elements
url https://www.mozilla.org/en-US/security/advisories/mfsa2014-24
Weaknesses
Exploits
Severity_range_scorenull
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-wcst-1mfp-27cb