VulnerableCode Package Details - pkg:mozilla/Firefox@28.0.0

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-24qn-29xp-93cr	security update	CVE-2014-1493
VCID-5vvt-9wk5-qbej	security update	CVE-2014-1510
VCID-5xfz-9tyc-xfh3	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.	CVE-2014-1500
VCID-6hk9-8e47-zbhw	security update	CVE-2014-1513
VCID-72te-4wq1-f7gh	Firefox for Android includes a Crash Reporter which sends crash data to Mozilla for analysis. Security researcher Roee Hay reported that third party Android applications could launch the crash reporter with their own arguments. Normally applications cannot read the private files of another application, but this vulnerability allowed a malicious application to specify a local file in the Firefox profile and it to its own server leading to information disclosure. The crash reporter can also be invoked in a manner causing an immediate crash of Firefox, leading to a potential denial of service (DOS) attack.	CVE-2014-1506
VCID-81hn-3y96-77db	security update	CVE-2014-1508
VCID-ct3d-sqe7-vyhh	security update	CVE-2014-1505
VCID-dhhr-be6c-73a6	security update	CVE-2014-1509
VCID-g1rp-xugu-4ube	Security researcher Alex Inführ reported that on Firefox for Android it is possible to open links to local files from web content by selecting "Open Link in New Tab" from the context menu using the file: protocol. The web content would have to know the precise location of a malicious local file in order to exploit this issue. This issue does not affect Firefox on non-Android systems.	CVE-2014-1501
VCID-tjdk-a9k7-8fe4	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.	CVE-2014-1499
VCID-u9bh-bnz3-8kbq	security update	CVE-2014-1512
VCID-ucnp-qr6h-gyg9	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.	CVE-2014-1502
VCID-vw8m-869a-c7gn	security update	CVE-2014-1497
VCID-xkrc-t2jn-dqfb	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.	CVE-2014-1504
VCID-ydrd-xcq5-67aj	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.	CVE-2014-1496
VCID-ypmc-2484-3fev	Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.	CVE-2014-1498
VCID-zrvg-5xgk-cqc3	security update	CVE-2014-1514

Vulnerability

Summary

Aliases

VCID-24qn-29xp-93cr

security update

CVE-2014-1493

VCID-5vvt-9wk5-qbej

security update

CVE-2014-1510

VCID-5xfz-9tyc-xfh3

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.

CVE-2014-1500

VCID-6hk9-8e47-zbhw

security update

CVE-2014-1513

VCID-72te-4wq1-f7gh

Firefox for Android includes a Crash Reporter which sends crash data to Mozilla for analysis. Security researcher Roee Hay reported that third party Android applications could launch the crash reporter with their own arguments. Normally applications cannot read the private files of another application, but this vulnerability allowed a malicious application to specify a local file in the Firefox profile and it to its own server leading to information disclosure. The crash reporter can also be invoked in a manner causing an immediate crash of Firefox, leading to a potential denial of service (DOS) attack.

CVE-2014-1506

VCID-81hn-3y96-77db

security update

CVE-2014-1508

VCID-ct3d-sqe7-vyhh

security update

CVE-2014-1505

VCID-dhhr-be6c-73a6

security update

CVE-2014-1509

VCID-g1rp-xugu-4ube

Security researcher Alex Inführ reported that on Firefox for Android it is possible to open links to local files from web content by selecting "Open Link in New Tab" from the context menu using the file: protocol. The web content would have to know the precise location of a malicious local file in order to exploit this issue. This issue does not affect Firefox on non-Android systems.

CVE-2014-1501

VCID-tjdk-a9k7-8fe4

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.

CVE-2014-1499

VCID-u9bh-bnz3-8kbq

security update

CVE-2014-1512

VCID-ucnp-qr6h-gyg9

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.

CVE-2014-1502

VCID-vw8m-869a-c7gn

security update

CVE-2014-1497

VCID-xkrc-t2jn-dqfb

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.

CVE-2014-1504

VCID-ydrd-xcq5-67aj

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.

CVE-2014-1496

VCID-ypmc-2484-3fev

Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code.

CVE-2014-1498

VCID-zrvg-5xgk-cqc3

security update

CVE-2014-1514

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:18:17.030103+00:00	Mozilla Importer	Fixing	VCID-24qn-29xp-93cr	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-15.md	38.0.0
2026-04-01T13:18:16.963511+00:00	Mozilla Importer	Fixing	VCID-vw8m-869a-c7gn	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-17.md	38.0.0
2026-04-01T13:18:16.788914+00:00	Mozilla Importer	Fixing	VCID-zrvg-5xgk-cqc3	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-32.md	38.0.0
2026-04-01T13:18:16.722454+00:00	Mozilla Importer	Fixing	VCID-ct3d-sqe7-vyhh	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-28.md	38.0.0
2026-04-01T13:18:16.466376+00:00	Mozilla Importer	Fixing	VCID-g1rp-xugu-4ube	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-21.md	38.0.0
2026-04-01T13:18:15.730890+00:00	Mozilla Importer	Fixing	VCID-72te-4wq1-f7gh	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-24.md	38.0.0
2026-04-01T13:18:15.434976+00:00	Mozilla Importer	Fixing	VCID-u9bh-bnz3-8kbq	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-30.md	38.0.0
2026-04-01T13:18:14.584184+00:00	Mozilla Importer	Fixing	VCID-dhhr-be6c-73a6	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-27.md	38.0.0
2026-04-01T13:18:14.468773+00:00	Mozilla Importer	Fixing	VCID-81hn-3y96-77db	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-26.md	38.0.0
2026-04-01T13:18:13.855004+00:00	Mozilla Importer	Fixing	VCID-6hk9-8e47-zbhw	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-31.md	38.0.0
2026-04-01T13:18:13.600829+00:00	Mozilla Importer	Fixing	VCID-5vvt-9wk5-qbej	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-29.md	38.0.0
2026-04-01T13:18:13.556302+00:00	Mozilla Importer	Fixing	VCID-ucnp-qr6h-gyg9	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-22.md	38.0.0
2026-04-01T13:18:12.857091+00:00	Mozilla Importer	Fixing	VCID-ydrd-xcq5-67aj	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-16.md	38.0.0
2026-04-01T13:18:12.630629+00:00	Mozilla Importer	Fixing	VCID-5xfz-9tyc-xfh3	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-20.md	38.0.0
2026-04-01T13:18:12.135735+00:00	Mozilla Importer	Fixing	VCID-tjdk-a9k7-8fe4	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-19.md	38.0.0
2026-04-01T13:18:11.792123+00:00	Mozilla Importer	Fixing	VCID-ypmc-2484-3fev	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-18.md	38.0.0
2026-04-01T13:18:11.275998+00:00	Mozilla Importer	Fixing	VCID-xkrc-t2jn-dqfb	https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2014/mfsa2014-23.md	38.0.0