PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
22 Oct 2024, 13:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox:31.5.1:*:*:*:*:*:*:* |
22 Oct 2024, 13:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox:38.0:*:*:*:*:*:*:* |
21 Oct 2024, 13:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox_esr:31.0:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:31.1.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.0:*:*:*:*:*:*:* |
21 Oct 2024, 13:11
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:mozilla:firefox_esr:31.5.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:31.1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox_esr:31.5.3:*:*:*:*:*:*:* |
cpe:2.3:a:mozilla:firefox:31.5.2:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.1.1:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.3.0:*:*:*:*:*:*:* cpe:2.3:a:mozilla:firefox:31.5.3:*:*:*:*:*:*:* |
Information
Published : 2015-07-06 02:01
Updated : 2024-10-22 13:54
NVD link : CVE-2015-2743
Mitre link : CVE-2015-2743
CVE.ORG link : CVE-2015-2743
JSON object : View
Products Affected
novell
- suse_linux_enterprise_software_development_kit
- suse_linux_enterprise_server
- suse_linux_enterprise_desktop
mozilla
- firefox_esr
- firefox
oracle
- solaris
CWE
CWE-17
DEPRECATED: Code