CVE-2015-4502

CVSS v2.0 4.3 (Medium)

EPSS 0.40 % (74^th)

Affected Products 1

Advisories 2

js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which allows remote attackers to bypass intended window access restrictions via a crafted web site.

Weaknesses

CWE-254: 7PK - Security Features

CVE Status: PUBLISHED
CNA: Mozilla Corporation
Published Date: 2015-09-24 04:59:04
(9 years ago)
Updated Date: 2016-12-22 02:59:55
(7 years ago)

Affected Products

Mozilla

Firefox

Configuration #1

		CPE23	From	Up To
	Mozilla Firefox 40.0.3 and prior versions	cpe:2.3:a:mozilla:firefox		<= 40.0.3