CVE-2015-7215

2015-12-1500:00:00

ubuntu.com

0.004 Low

EPSS

Percentile

73.6%

JSON

The importScripts function in the Web Workers API implementation in Mozilla
Firefox before 43.0 allows remote attackers to bypass the Same Origin
Policy by triggering use of the no-cors mode in the fetch API to attempt
resource access that throws an exception, leading to information disclosure
after a rethrow.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchfirefox< 43.0+build1-0ubuntu0.12.04.1UNKNOWN
ubuntu14.04noarchfirefox< 43.0+build1-0ubuntu0.14.04.1UNKNOWN
ubuntu15.04noarchfirefox< 43.0+build1-0ubuntu0.15.04.1UNKNOWN
ubuntu15.10noarchfirefox< 43.0+build1-0ubuntu0.15.10.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	12.04	noarch	firefox	< 43.0+build1-0ubuntu0.12.04.1	UNKNOWN
ubuntu	14.04	noarch	firefox	< 43.0+build1-0ubuntu0.14.04.1	UNKNOWN
ubuntu	15.04	noarch	firefox	< 43.0+build1-0ubuntu0.15.04.1	UNKNOWN
ubuntu	15.10	noarch	firefox	< 43.0+build1-0ubuntu0.15.10.1	UNKNOWN