Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-2727

Опубликовано: 02 июл. 2015
Источник: redhat
CVSS2: 5.1
EPSS Низкий

Описание

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.

Отчет

This issue does not affect the version of thunderbird package, as shipped with Red Hat Enterprise Linux 5, 6 and 7.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5thunderbirdNot affected
Red Hat Enterprise Linux 6thunderbirdNot affected
Red Hat Enterprise Linux 7thunderbirdNot affected
Red Hat Enterprise Linux 5firefoxFixedRHSA-2015:120703.07.2015
Red Hat Enterprise Linux 6firefoxFixedRHSA-2015:120703.07.2015
Red Hat Enterprise Linux 7firefoxFixedRHSA-2015:120703.07.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1236950Mozilla: Local files or privileged URLs in pages can be opened into new tabs (MFSA 2015-60)

EPSS

Процентиль: 83%
0.02112
Низкий

5.1 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-2727

ubuntu
почти 10 лет назад

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.

nvd логотип

CVE-2015-2727

nvd
почти 10 лет назад

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.

debian логотип

CVE-2015-2727

debian
почти 10 лет назад

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote a ...

github логотип

GHSA-xq4h-hmq6-ghrv

github
около 3 лет назад

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.

oracle-oval логотип

ELSA-2015-1207

oracle-oval
почти 10 лет назад

ELSA-2015-1207: firefox security update (CRITICAL)

EPSS

Процентиль: 83%
0.02112
Низкий

5.1 Medium

CVSS2

Уязвимость CVE-2015-2727