Back to search
CVE-2015-4481
Published: Aug 16, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1171518
x_refsource_CONFIRM
openSUSE-SU-2015:1454
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2015:1389
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2015:1453
vendor-advisory
x_refsource_SUSE
http://www.mozilla.org/security/announce/2015/mfsa2015-84.html
x_refsource_CONFIRM
37925
exploit
x_refsource_EXPLOIT-DB
1033247
vdb-entry
x_refsource_SECTRACK
GLSA-201605-06
vendor-advisory
x_refsource_GENTOO
1033372
vdb-entry
x_refsource_SECTRACK
openSUSE-SU-2015:1390
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now