⚠ Actively exploited

Added to CISA KEV on 2022-05-25. Federal agencies required to patch by 2022-06-15. Required action: Apply updates per vendor instructions..

CVE-2015-4495

CWE-346 CWE-200 — Information Exposure14 documents12 sources

Severity

8.8HIGH

EPSS

71.6%

top 1.27%

CISA KEV

KEV

Added 2022-05-25

Due 2022-06-15

Exploit

Exploited in wild

Active exploitation observed

Affected products

Mozilla Firefox Mozilla Firefox OS Canonical Ubuntu Linux +12 more

Timeline

PublishedAug 8

KEV addedMay 25

KEV dueJun 15

CISA Required Action: Apply updates per vendor instructions.

Description

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages13 packages

▶NVDmozilla/firefox38.0 — 38.1.1+1

▶NVDmozilla/firefox_os< 2.2

▶Ubuntufirefox< 39.0.3+build2-0ubuntu0.14.04.1

▶Debianpdf.js< 1.1.366+dfsg-1+3

▶NVDoracle/solaris11.3

Also affects: Ubuntu Linux 12.04, 14.04, 15.04, Enterprise Linux 6.7, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-cpx9-g67g-v8c5: The PDF reader in Mozilla Firefox before 39↗2022-05-14

▶

OSV

CVE-2015-4495: The PDF reader in Mozilla Firefox before 39↗2015-08-08

▶

CVEList

CVE-2015-4495: The PDF reader in Mozilla Firefox before 39↗2015-08-08

▶

OSV

firefox vulnerability↗2015-08-07

▶

VulnCheck

Mozilla Firefox Security Feature Bypass Vulnerability↗2015

▶

💥Exploits & PoCs

Exploit-DB

Mozilla Firefox < 39.03 - 'pdf.js' Same Origin Policy↗2015-08-15

▶

🔍Detection Rules

Suricata

ET EXPLOIT Possible Firefox PDF.js Same-Origin-Bypass CVE-2015-4495 M2↗2015-08-11

▶

Suricata

ET EXPLOIT Possible Firefox PDF.js Same-Origin-Bypass CVE-2015-4495 M1↗2015-08-10

▶

📋Vendor Advisories

CISA

Mozilla Firefox Security Feature Bypass Vulnerability↗2022-05-25

▶

Ubuntu

Firefox vulnerability↗2015-08-07

▶

Red Hat

Mozilla: Same origin violation and local file stealing via PDF reader (MFSA 2015-78)↗2015-08-06

▶

Debian

CVE-2015-4495: pdf.js - The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1,...↗2015

▶

💬Community

Bugzilla

CVE-2015-4495 Mozilla: Same origin violation and local file stealing via PDF reader (MFSA 2015-78)↗2015-08-07

▶