Back to search
CVE-2015-4495
Published: Aug 8, 2015
Modified: Oct 21, 2025
PUBLISHED
Description
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://bugzilla.mozilla.org/show_bug.cgi?id=1179262
x_refsource_CONFIRM
SUSE-SU-2015:1379
vendor-advisory
x_refsource_SUSE
SUSE-SU-2015:1380
vendor-advisory
x_refsource_SUSE
76249
vdb-entry
x_refsource_BID
37772
exploit
x_refsource_EXPLOIT-DB
RHSA-2015:1581
vendor-advisory
x_refsource_REDHAT
GLSA-201512-10
vendor-advisory
x_refsource_GENTOO
openSUSE-SU-2015:1389
vendor-advisory
x_refsource_SUSE
USN-2707-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2015:1528
vendor-advisory
x_refsource_SUSE
https://bugzilla.mozilla.org/show_bug.cgi?id=1178058
x_refsource_CONFIRM
http://www.mozilla.org/security/announce/2015/mfsa2015-78.html
x_refsource_CONFIRM
1033216
vdb-entry
x_refsource_SECTRACK
SUSE-SU-2015:1449
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2015:1390
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now