#VU1831 Security bypass


Published: 2020-03-18

Vulnerability identifier: #VU1831

Vulnerability risk: Critical

CVSSv3.1: 9.2 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]

CVE-ID: CVE-2015-4495

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Firefox ESR
Client/Desktop applications / Web browsers
Mozilla Firefox
Client/Desktop applications / Web browsers
Firefox OS
Mobile applications / Mobile firmware & hardware

Vendor: Mozilla

Description
The vulnerabiity allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to improper input validation. A remote attacker can create a specially crafted PDF file, trick the victim into opening it, bypass same-origin policy and inject arbitrary JavaScript into the built-in PDF Viewer to gain access to arbitrary files on the system.

Successful exploitation of this vulnerability may result in access to local files and privilege escalation, leading to system compromise.

Note: the vulnerability was being actively exploited.

Mitigation
Update Mozilla Firefox to version 39.0.3, Mozilla Firefox ESR to version 38.1, Mozilla Firefox OS to version 2.2.

Vulnerable software versions

Firefox ESR: 38.0 - 38.1.1

Mozilla Firefox: 38.0 - 39.0.3

Firefox OS: 1.0 - 2.2

External links
http://www.mozilla.org/en-US/security/advisories/mfsa2015-78/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.


Latest bulletins with this vulnerability


Security bypass in Mozilla Firefox
SUSE Linux update for MozillaFirefox
SUSE Linux update for MozillaFirefox
Security bypass in firefox (Alpine package)
Ubuntu update for Firefox
Arch Linux update for firefox
Red Hat update for firefox