The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
History

Tue, 22 Oct 2024 14:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*
Vendors & Products Mozilla firefox Esr

Tue, 13 Aug 2024 23:45:00 +0000

Type Values Removed Values Added
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mozilla

Published: 2015-08-08T00:00:00

Updated: 2024-08-06T06:18:11.155Z

Reserved: 2015-06-10T00:00:00

Link: CVE-2015-4495

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-08-08T00:59:04.597

Modified: 2024-11-21T02:31:12.170

Link: CVE-2015-4495

cve-icon Redhat

Severity : Important

Publid Date: 2015-08-06T00:00:00Z

Links: CVE-2015-4495 - Bugzilla