Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-cpx9-g67g-v8c5

Опубликовано: 14 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 8.8

Описание

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

EPSS

Процентиль: 99%
0.69924
Средний

8.8 High

CVSS3

Дефекты

CWE-200
CWE-346

Связанные уязвимости

CVSS3: 8.8
ubuntu
около 10 лет назад

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

redhat
около 10 лет назад

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

CVSS3: 8.8
nvd
около 10 лет назад

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

CVSS3: 8.8
debian
около 10 лет назад

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x befo ...

suse-cvrf
около 10 лет назад

Security update for MozillaFirefox

EPSS

Процентиль: 99%
0.69924
Средний

8.8 High

CVSS3

Дефекты

CWE-200
CWE-346