The PDF reader in Mozilla Firefox prior to 39.0.3, Firefox ESR 38.x prior to 38.1.1, and Firefox OS prior to 2.2 allows remote malicious users to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla firefox esr 38.0 |
||
mozilla firefox esr 38.1.0 |
||
mozilla firefox esr 38.0.5 |
||
mozilla firefox esr 38.0.1 |
||
mozilla firefox |
||
mozilla firefox os |
||
canonical ubuntu linux 12.04 |
||
novell suse linux enterprise server 12.0 |
||
canonical ubuntu linux 14.04 |
||
novell suse linux enterprise desktop 12.0 |
||
canonical ubuntu linux 15.04 |
||
opensuse opensuse 13.1 |
||
opensuse opensuse 13.2 |
||
novell suse linux enterprise software development kit 12.0 |
||
oracle solaris 11.3 |