CVE-2015-0816 in Mozilla Firefox정보

요약 (영어)

Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.

예약하다

2015. 01. 07.

공개

2015. 04. 01.

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
74503	Mozilla Firefox/Thunderbird resource:/ 권한 상승	264	높음	공식 수정	CVE-2015-0816

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

◂ 이전개요다음 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!