Vulnerability Details : CVE-2015-4495
Public exploit exists!
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.
Products affected by CVE-2015-4495
- cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
- cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp1:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*
- cpe:2.3:o:mozilla:firefox_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
CVE-2015-4495 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Mozilla Firefox Security Feature Bypass Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2015-4495
Added on
2022-05-25
Action due date
2022-06-15
Exploit prediction scoring system (EPSS) score for CVE-2015-4495
75.94%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2015-4495
-
Firefox PDF.js Browser File Theft
First seen: 2020-04-26auxiliary/gather/firefox_pdfjs_file_theftThis module abuses an XSS vulnerability in versions prior to Firefox 39.0.3, Firefox ESR 38.1.1, and Firefox OS 2.2 that allows arbitrary files to be stolen. The vulnerability occurs in the PDF.js component, which uses Javascript to render a PDF inside a frame with p
CVSS scores for CVE-2015-4495
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
8.6
|
2.9
|
NIST | |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-02-07 |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST | 2024-06-28 |
References for CVE-2015-4495
-
http://www.securitytracker.com/id/1033216
Mozilla Firefox PDF Viewer Same-Origin Bypass Lets Remote Users Obtain Potentially Sensitive Information on the Target System - SecurityTrackerBroken Link;Third Party Advisory;VDB Entry
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1178058
1178058 - (CVE-2015-4495) It's possible to read local files or perform privilege escalation by using a native setterIssue Tracking
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00009.html
[security-announce] SUSE-SU-2015:1379-1: critical: Security update for MMailing List;Third Party Advisory
-
http://www.mozilla.org/security/announce/2015/mfsa2015-78.html
Same origin violation and local file stealing via PDF reader — MozillaVendor Advisory
-
http://www.ubuntu.com/usn/USN-2707-1
USN-2707-1: Firefox vulnerability | Ubuntu security noticesThird Party Advisory
-
https://security.gentoo.org/glsa/201512-10
Mozilla Products: Multiple vulnerabilities (GLSA 201512-10) — Gentoo securityThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html
[security-announce] SUSE-SU-2015:1449-1: important: Security update forMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/76249
Mozilla Firefox CVE-2015-4495 Same Origin Policy Security Bypass VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2015-1581.html
RHSA-2015:1581 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html
[security-announce] openSUSE-SU-2015:1390-1: important: Security updateMailing List;Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Oracle Solaris Bulletin - April 2016Patch;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html
[security-announce] openSUSE-SU-2015:1389-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00016.html
[security-announce] SUSE-SU-2015:1528-1: important: Security update forMailing List;Third Party Advisory
-
https://www.exploit-db.com/exploits/37772/
Mozilla Firefox < 39.03 - 'pdf.js' Same Origin PolicyExploit;Third Party Advisory;VDB Entry
-
https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/
Firefox exploit found in the wild | Mozilla Security BlogIssue Tracking;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00010.html
[security-announce] SUSE-SU-2015:1380-1: critical: Security update for MMailing List;Third Party Advisory
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1179262
1179262 - Remove PlayPreview registration from PDF ViewerIssue Tracking
Jump to