Vulnerabilities

CVE-2015-0820

by Fred · 25/02/2015

Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.

Date published : 2015-02-25

http://www.securityfocus.com/bid/72757

http://www.mozilla.org/security/announce/2015/mfsa2015-27.html

Similar

Tags: Cybersecurity Alert