CVE-2015-4495

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2015-4495

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2015-4495.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2015-4495

Downstream

DEBIAN-CVE-2015-4495

RHSA-2015:1581

SUSE-SU-2015:1379-1

SUSE-SU-2015:1380-1

SUSE-SU-2015:1449-1

SUSE-SU-2015:1476-1

SUSE-SU-2015:1528-1

UBUNTU-CVE-2015-4495

USN-2707-1

openSUSE-SU-2024:10071-1

openSUSE-SU-2024:14572-1

Related

Published

2015-08-08T00:59:04Z

Modified

2025-08-09T20:01:27Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

References

Affected packages