CVE-2014-1501 Information

Description

Mozilla Firefox before 28.0 on Android allows remote attackers to bypass the Same Origin Policy and access arbitrary file: URLs via vectors involving the \Open Link in New Tab\ menu selection.

Reference

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html http://www.mozilla.org/security/announce/2014/mfsa2014-21.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://bugzilla.mozilla.org/show_bug.cgi?id=960135