← Zuruck zu CVEs
CVE-2015-4481
N/ABeschreibung
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht8/16/2015
Zuletzt geandert4/12/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
microsoft:windowsmozilla:firefoxopensuse:opensuseoracle:solaris
Schwachen (CWE)
CWE-362
Referenzen
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html(security@mozilla.org)
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html(security@mozilla.org)
http://www.mozilla.org/security/announce/2015/mfsa2015-84.html(security@mozilla.org)
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html(security@mozilla.org)
http://www.securitytracker.com/id/1033247(security@mozilla.org)
http://www.securitytracker.com/id/1033372(security@mozilla.org)
https://bugzilla.mozilla.org/show_bug.cgi?id=1171518(security@mozilla.org)
https://security.gentoo.org/glsa/201605-06(security@mozilla.org)
https://www.exploit-db.com/exploits/37925/(security@mozilla.org)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html(af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.mozilla.org/security/announce/2015/mfsa2015-84.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1033247(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1033372(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.mozilla.org/show_bug.cgi?id=1171518(af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/201605-06(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/37925/(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.