CVE-2015-4481
Published 2015-08-16
Priority P4 · 19 · low · 3.3 (CVSS 2.0)
AV:L/AC:M/Au:N/C:N/I:P/A:P
EXPLOIT
EPSS: 0.80% (51.9th percentile)
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | firefox | <= 39.0.3 | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| mozilla | firefox | — | — |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| oracle | solaris | — | — |
GHSA
GHSA-fpjx-8wc2-5w5g: Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40
ghsa_unreviewed·2022-05-14
CVE-2015-4481 [LOW] CWE-362 GHSA-fpjx-8wc2-5w5g: Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40
Project0
Between a Rock and a Hard Link - Project Zero
project_zero·2015-12-01·CVSS 3.3
CVE-2015-4446 [LOW] Between a Rock and a Hard Link - Project Zero
Posted by James Forshaw, File System Enthusiast
In a previous blog post I described some of the changes that Microsoft has made to the handling of symbolic links from a sandboxed process. This has an impact on the exploitation of privileged file overwrites for sandbox escapes. Windows does support another method of linking files together, Hard Links, which have some similar properties to file level symbolic links but also some downsides. Hard Links were not originally banned from a sandbox so given the right vulnerability we can still develop an exploit. Of course in some circumstances Hard Links can also be useful for exploiting some types of system level privilege escalation. This short blog post describes the pros and cons of Hard Links as an exploitation primitive and demonstrates it
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html
http://www.mozilla.org/security/announce/2015/mfsa2015-84.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.securitytracker.com/id/1033247
http://www.securitytracker.com/id/1033372
https://bugzilla.mozilla.org/show_bug.cgi?id=1171518
https://security.gentoo.org/glsa/201605-06
https://www.exploit-db.com/exploits/37925/