CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-23 23:14:03 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
b0e96c877abb080d7cf221c036336480ff266ccf
CVEs-PoC/2015/CVE-2015-2743.md
T
0xMarcio 9dd9a4d134 Update CVE sources 2024-08-07 19:02
2024-08-07 19:02:05 +00:00

20 lines
869 B
Markdown
Raw Blame History

### [CVE-2015-2743](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2743)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
### Description
PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.
### POC
#### Reference
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.ubuntu.com/usn/USN-2656-1
#### Github
- https://github.com/pyllyukko/user.js
Reference in New Issue View Git Blame Copy Permalink