HTTP: Mozilla Firefox PDF Viewer Same Origin Security Bypass

This signature detects attempts to exploit a known vulnerability in Mozilla Firefox. A successful attack bypasses the same-origin policy, which the attacker can then use to launch further attacks.

Extended Description

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

Affected Products

Mozilla Firefox

Short Name
HTTP:STC:DL:FF-SAME-ORIG-SB
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Bypass CVE-2015-4495 Firefox Mozilla Origin PDF Same Security Viewer
Release Date
08/24/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3752
False Positive
Unknown
Vendors

Suse

Redhat

Mozilla

Opensuse

Oracle

Canonical

CVSS Score

4.3
