CVE-2015-2727

Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. NOTE: this vulnerability exists because of a CVE-2015-0821 regression.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:*

History

22 Oct 2024, 13:42

Type Values Removed Values Added
CPE cpe:2.3:a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*

Information

Published : 2015-07-06 02:00

Updated : 2024-10-22 13:42


NVD link : CVE-2015-2727

Mitre link : CVE-2015-2727

CVE.ORG link : CVE-2015-2727


JSON object : View

Products Affected

mozilla

  • firefox
CWE
CWE-20

Improper Input Validation