suse · CVE-2015-4495

Quick triage

Priority: high Published: 2021-05-30 13:30:43 UTC Updated: 2026-04-18 18:17:44 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2015-4495 severity important: SUSE including 128 source package names (MozillaFirefox-102.11.0-150200.152.87.1, MozillaFirefox-115.10.0-150200.152.134.1, …), 319 product×package rows across 69 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (69 product lines)): Fixed 301, Known Not Affected 18.

Description:

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

cvelogic Threat Intelligence