PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.
History

Tue, 22 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:31.5.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:*

Tue, 22 Oct 2024 14:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*

Mon, 21 Oct 2024 14:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.1.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:*

Mon, 21 Oct 2024 13:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2015-07-06T01:00:00

Updated: 2024-08-06T05:24:38.425Z

Reserved: 2015-03-25T00:00:00

Link: CVE-2015-2743

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-07-06T02:01:11.780

Modified: 2024-11-21T02:27:57.700

Link: CVE-2015-2743

cve-icon Redhat

Severity : Moderate

Publid Date: 2015-07-02T00:00:00Z

Links: CVE-2015-2743 - Bugzilla