Russian Vulnerability Scanner Database

Back to List

BDU:2015-11248

Scores

EPSS

0.000none0.0%
0%20%40%60%80%100%

Percentile: 0.0%

CVSS

4.3medium2.0
0246810

CVSS Score: 4.3/10

All CVSS Scores

CVSS 2.0
4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Description

Уязвимость компонента PDF reader операционной системы Firefox OS, браузеров Firefox и Firefox ESR связана с отсутствием защиты служебных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, обойти политику разграничения доступа, читать произвольные файлы и повысить свои привилегии с помощью специально сформированного JavaScript-кода

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

bdu

Related Vulnerabilities

CVE-2015-4495

Exploits

Exploit ID: BDU:2015-11248

Source: bdu_exploit

URL: https://bdu.fstec.ru/vul

Exploit ID: 37772

Source: exploitdb

URL: https://www.exploit-db.com/exploits/37772

Reference Links

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4495
https://www.mozilla.org/security/advisories/mfsa2015-78.html
http://www.mozilla.org/security/announce/2015/mfsa2015-78.html
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/
https://bugzilla.mozilla.org/show_bug.cgi?id=1178058
https://bugzilla.mozilla.org/show_bug.cgi?id=1179262
https://www.exploit-db.com/exploits/37772/

Recommendations

Source: bdu

Использование рекомендаций производителя:
http://www.mozilla.org/security/announce/2015/mfsa2015-78.html

URL: https://bdu.fstec.ru/vul/2015-11248

Vulnerable Software (6)

Type: Configuration

Vendor: mozilla corp.

Product: firefox

Operating System: linux *

Trait: 
{  "version_end_excluding": "40"}

Source: bdu

Type: Configuration

Vendor: mozilla corp.

Product: firefox

Operating System: windows *

Trait: 
{  "version_end_excluding": "40"}

Source: bdu

Type: Configuration

Vendor: mozilla corp.

Product: firefox

Operating System: firefox os *

Trait: 
{  "version_end_excluding": "40"}

Source: bdu

Type: Configuration

Vendor: mozilla corp.

Product: firefox esr

Operating System: linux *

Trait: 
{  "version_end_excluding": "38.2"}

Source: bdu

Type: Configuration

Vendor: mozilla corp.

Product: firefox esr

Operating System: windows *

Trait: 
{  "version_end_excluding": "38.2"}

Source: bdu

Type: Configuration

Vendor: mozilla corp.

Product: firefox esr

Operating System: firefox os *

Trait: 
{  "version_end_excluding": "38.2"}

Source: bdu

End of list