mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-28 06:01:13 +01:00
879 B
879 B
CVE-2015-4492
Description
Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 might allow remote attackers to execute arbitrary code via a SharedWorker object that makes recursive calls to the open method of an XMLHttpRequest object.
POC
Reference
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.ubuntu.com/usn/USN-2702-2
- http://www.ubuntu.com/usn/USN-2702-3
Github
No PoCs found on GitHub currently.