cbcvebase.
CVE-2015-4481
published 2015-08-16

CVE-2015-4481: Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to…

PriorityP419low3.3CVSS 2.0
AVLACMAuNCNIPAP
EXPLOIT
EPSS
0.80%
51.9th percentile
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.

Affected

8 ranges
VendorProductVersion rangeFixed in
mozillafirefox<= 39.0.3
mozillafirefox
mozillafirefox
mozillafirefox
mozillafirefox
opensuseopensuse
opensuseopensuse
oraclesolaris
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.