CVE-2015-4483

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Access Control Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:Partial
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2015-4473, CVE-2015-4474, CVE-2015-4475, CVE-2015-4477, CVE-2015-4478, CVE-2015-4479, CVE-2015-4480, CVE-2015-4481, CVE-2015-4482, CVE-2015-4484, CVE-2015-4485, CVE-2015-4486, CVE-2015-4487, CVE-2015-4488, CVE-2015-4489, CVE-2015-4490, CVE-2015-4491, CVE-2015-4492, CVE-2015-4493

Published on 16/08/15 - Updated on 30/10/18

Description

Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection mechanism via a feed: URL in a POST request.

Category: Access Control Error

CWE-264 (Permissions, Privileges, and Access Control)
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Security Notices

US National Vulnerability DatabaseCVE-2015-4483
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2015-AVI-349
Arch Linux ASA-201508-4
Mozilla MFSA2015-86
Renater 2015/VULN158

Exploits

SecurityFocusBID-76510

Relative technologies

VendorProduct
mozillafirefox
opensuseopensuse
oraclesolaris

Share this vulnerability with:

Twitter Facebook LinkedIn Mail