Vulnerability Name:

CVE-2015-4481

Assigned:2015-06-10
Published:2015-08-15
Updated:2017-09-16
Summary:Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:3.3 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:N/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-362
References:Source: SUSE
Type: VENDOR_ADVISORY
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html

Source: SUSE
Type: VENDOR_ADVISORY
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html

Source: SUSE
Type: UNKNOWN
http://lists.opensuse.org/opensuse-updates/2015-08/msg00030.html

Source: SUSE
Type: UNKNOWN
http://lists.opensuse.org/opensuse-updates/2015-08/msg00031.html

Source: CONFIRM
Type: VENDOR_ADVISORY
http://www.mozilla.org/security/announce/2015/mfsa2015-84.html

Source: CONFIRM
Type: VENDOR_ADVISORY
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: SECTRACK
Type: UNKNOWN
1033247

Source: SECTRACK
Type: UNKNOWN
1033372

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.mozilla.org/show_bug.cgi?id=1171518

Source: GENTOO
Type: UNKNOWN
https://security.gentoo.org/glsa/201605-06

Source: EXPLOIT-DB
Type: UNKNOWN
37925

Vulnerable Configuration:Configuration 1:
  • cpe:/a:mozilla:firefox:39.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:38.0:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:38.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:38.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:mozilla:firefox_esr:38.1.0:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:*:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:opensuse_project:opensuse:13.1:*:*:*:*:*:*:*
  • OR cpe:/o:opensuse_project:opensuse:13.2:*:*:*:*:*:*:*

  • Configuration 3:
  • cpe:/o:oracle:solaris:11.3:*:*:*:*:*:*:*

  • Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20154481
    V
    CVE-2015-4481
    2017-09-25
    oval:com.ubuntu.precise:def:20154481000
    V
    CVE-2015-4481 on Ubuntu 12.04 LTS (precise) - medium.
    2015-08-15
    oval:com.ubuntu.trusty:def:20154481000
    V
    CVE-2015-4481 on Ubuntu 14.04 LTS (trusty) - medium.
    2015-08-15
    BACK
    mozilla firefox 39.0.3
    mozilla firefox_esr 38.0
    mozilla firefox_esr 38.0.1
    mozilla firefox_esr 38.0.5
    mozilla firefox_esr 38.1.0
    microsoft windows *
    opensuse_project opensuse 13.1
    opensuse_project opensuse 13.2
    oracle solaris 11.3