Lucene search
Mozilla FoundationMFSA2015-82HistoryAug 11, 2015 - 12:00 a.m.
Redefinition of non-configurable JavaScript object properties — Mozilla
2015-08-1100:00:00
Mozilla Foundation
www.mozilla.org
13
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
79.0%
Security researcher André Bargull reported non-configurable properties on JavaScript objects can be redefined while parsing JSON in violation of the ECMAScript 6 standard. This allows malicious web content to bypass same-origin policy by editing these properties to arbitrary values.
Affected configurations
Node
mozillafirefoxRange<40
ORmozillafirefox_esrRange<38.2
ORmozillaseamonkeyRange<2.35
Related
cve
cve
CVE-2015-4478
2015-08-16 01:59:05
ubuntucve
ubuntucve
CVE-2015-4478
2015-08-11 00:00:00
prion
prion
Design/Logic Flaw
2015-08-16 01:59:00
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-82) - Linux
2021-11-11 00:00:00
Debian Security Advisory DSA 3333-1 (iceweasel - security update)
2015-08-12 00:00:00
Ubuntu: Security Advisory (USN-2702-2)
2015-08-12 00:00:00
cvelist
cvelist
CVE-2015-4478
2015-08-16 01:00:00
nvd
nvd
CVE-2015-4478
2015-08-16 01:59:05
debian
debian
[SECURITY] [DSA 3333-1] iceweasel security update
2015-08-12 10:24:11
nessus
nessus
Debian DSA-3333-1 : iceweasel - security update
2015-08-13 00:00:00
Firefox ESR < 38.2 Multiple Vulnerabilities (Mac OS X)
2015-08-13 00:00:00
CentOS 5 / 6 / 7 : firefox (CESA-2015:1586)
2015-08-12 00:00:00
oraclelinux
oraclelinux
firefox security update
2015-08-11 00:00:00
centos
centos
firefox security update
2015-08-11 20:36:44
mageia
mageia
Updated firefox packages fixes security vulnerabilities
2015-08-11 23:22:53
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:42:03
Arbitrary Code Execution
2019-05-02 05:41:48
Arbitrary Code Execution
2019-05-02 05:41:48
suse
suse
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-10 17:10:07
Security update for MozillaFirefox, mozilla-nss (important)
2015-09-02 12:10:07
Security update for MozillaFirefox (important)
2015-08-14 19:09:37
redhat
redhat
(RHSA-2015:1586) Critical: firefox security update
2015-08-11 00:00:00
ubuntu
ubuntu
Ubufox update
2015-08-11 00:00:00
Firefox regression
2015-08-20 00:00:00
Firefox vulnerabilities
2015-08-11 00:00:00
archlinux
archlinux
firefox: multiple issues
2015-08-12 00:00:00
freebsd
freebsd
mozilla -- multiple vulnerabilities
2015-08-11 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in Firefox affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance
2018-06-17 22:30:13
Security Bulletin: Multiple vulnerabilities of Mozilla Firefox in IBM Storwize V7000 Unified
2018-06-18 00:09:54
Security Bulletin: Mozilla Firefox vulnerability issues in IBM SONAS
2018-06-18 00:09:55
kaspersky
kaspersky
KLA10643 Multiple vulnerabilities in Mozilla Firefox and Firefox ESR
2015-08-11 00:00:00
securityvulns
securityvulns
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.006 Low
EPSS
Percentile
79.0%
Related for MFSA2015-82