Vulnerability Details : CVE-2015-0816
Public exploit exists!
Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not properly restrict resource: URLs, which makes it easier for remote attackers to execute arbitrary JavaScript code with chrome privileges by leveraging the ability to bypass the Same Origin Policy, as demonstrated by the resource: URL associated with PDF.js.
Exploit prediction scoring system (EPSS) score for CVE-2015-0816
Probability of exploitation activity in the next 30 days: 96.39%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2015-0816
-
Firefox PDF.js Privileged Javascript Injection
Disclosure Date: 2015-03-31First seen: 2020-04-26exploit/multi/browser/firefox_pdfjs_privilege_escalationThis module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click anywhere on the page to trigger the vulnerability. Authors: - Unkno
CVSS scores for CVE-2015-0816
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2015-0816
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-0816
-
http://www.securitytracker.com/id/1031996
Mozilla Firefox Bugs Let Remote Users Execute Arbitrary Code, Bypass Security Restrictions, and Obtain Potentially Sensitive Information - SecurityTracker
-
https://www.exploit-db.com/exploits/37958/
Mozilla Firefox - 'pdf.js' Privileged JavaScript Injection (Metasploit)
-
https://security.gentoo.org/glsa/201512-10
Mozilla Products: Multiple vulnerabilities (GLSA 201512-10) — Gentoo security
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Oracle Solaris Third Party Bulletin - April 2015
-
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html
[security-announce] openSUSE-SU-2015:0892-1: important: Update to Firefo
-
http://www.ubuntu.com/usn/USN-2552-1
USN-2552-1: Thunderbird vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00006.html
[security-announce] SUSE-SU-2015:0704-1: important: Security update for
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html
[security-announce] openSUSE-SU-2015:1266-1: important: Mozilla (Firefox
-
http://rhn.redhat.com/errata/RHSA-2015-0771.html
RHSA-2015:0771 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2015-0766.html
RHSA-2015:0766 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2015/dsa-3212
Debian -- Security Information -- DSA-3212-1 icedove
-
http://www.debian.org/security/2015/dsa-3211
Debian -- Security Information -- DSA-3211-1 iceweasel
-
http://www.mozilla.org/security/announce/2015/mfsa2015-33.html
resource:// documents can load privileged pages — MozillaVendor Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1144991
1144991 - (CVE-2015-0816) Privilege escalation from resource:// document (e.g. pdf viewer) (ZDI-CAN-2826)
-
http://www.securitytracker.com/id/1032000
Mozilla Thunderbird Flaws Let Remote Users Execute Arbitrary Code and Conduct Cross-Site Request Forgery Attacks - SecurityTracker
-
http://www.securityfocus.com/bid/73461
Mozilla Firefox Firefox ESR and Thunderbird CVE-2015-0816 Privilege Escalation Vulnerability
-
http://www.ubuntu.com/usn/USN-2550-1
USN-2550-1: Firefox vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00003.html
[security-announce] openSUSE-SU-2015:0677-1: important: Security update
Products affected by CVE-2015-0816
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*