Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2015-4498)

Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2015-4498)
Mozilla Firefox Security Restriction Bypass Vulnerability (CVE-2015-4498)

Release date:
Updated on:

Affected Systems:

Mozilla Firefox <40.0.3
Mozilla Firefox <38.2.1

Description:

Bugtraq id: 76505
CVE (CAN) ID: CVE-2015-4498

Mozilla Firefox is an open-source web browser that uses the Gecko engine.

In versions earlier than Mozilla Firefox 40.0.3 and earlier than Firefox ESR 38.2.1, the plug-in installation function has a vulnerability. Remote attackers can exploit this vulnerability to bypass the confirmation of the target user by constructing data.

<* Source: Bas Venis
*>

Suggestion:

Vendor patch:

Mozilla
-------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.mozilla.org/security/announce/2015/mfsa2015-95.html
Https://bugzilla.mozilla.org/show_bug.cgi? Id = 1042699

Manually install Firefox Flash plug-in Ubuntu 14.04

Replacement of Firefox in Ubuntu

Use apt-get to install FireFox and ThunderBird In Debian Linux

Stable Firefox 29 version released-how to install

Mozilla Firefox 31.0 official release and download

Firefox details: click here
Firefox: click here

This article permanently updates the link address: