1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
Candidate: CVE-2015-4481
PublicDate: 2015-08-15
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4481
https://www.mozilla.org/en-US/security/advisories/mfsa2015-84/
Description:
Race condition in the Mozilla Maintenance Service in Mozilla Firefox before
40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to
write to arbitrary files and consequently gain privileges via vectors
involving a hard link to a log file during an update.
Ubuntu-Description:
Notes:
chrisccoulson> Windows only
Bugs:
Priority: medium
Discovered-by:
Assigned-to: chrisccoulson
Patches_firefox:
upstream_firefox: released (40.0)
precise_firefox: not-affected
trusty_firefox: not-affected
vivid_firefox: not-affected
devel_firefox: not-affected
|