4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.967 High
EPSS
Percentile
99.5%
Name | firefox_pdfjs_filereader |
---|---|
CVE | CVE-2015-4495 Exploit Pack |
VENDOR: Mozilla | |
NOTES: | |
Tested on: | |
Ubuntu 14.04.3 LTS | |
Firefox 39.0 |
Under the Response tab of ClientD main window, the option “Respond directly with
exploit” must be selected. Modify PROPERTY[‘RETRY_COUNT’] to change the number
of times the exploit will try to download a given file. PROPERTY[‘EXFIL_TIMEOUT_MSECS’]
is the number of milliseconds before the exploit server is polled for a new file. Any
file in the process of being exfiled by the client will be lost, which is why there are
retries.
NOTE:
References: https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4495
Date public: 08/06/2015