Firefox OS < 1.2.2 / 1.3 Directory Traversal Vulnerability
High Nessus Network Monitor Plugin ID 8177
SynopsisThe remote mobile host may be running a vulnerable version of Firefox OS.
DescriptionFirefox OS is a Linux kernel-based operating system for smartphones and tablet computers. Versions earlier than 1.2.2 and 1.3 are vulnerable to directory-traversal, as the protection mechanism through the DeviceStorage API was implemented in the wrong process on Firefox OS. This could allow an attacker to escape the media sandbox and potentially read or write any file on the device within the context of the application.
SolutionUpgrade to Firefox OS 1.2.2 or 1.3 or later.