7.5
CVE-2015-0818
- EPSS 2.09%
- Veröffentlicht 24.03.2015 00:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle security@mozilla.org
- CVE-Watchlists
- Unerledigt
LoginMozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mozilla ≫ Firefox ESR Version31.1
Mozilla ≫ Firefox ESR Version31.2
Mozilla ≫ Firefox ESR Version31.3
Mozilla ≫ Firefox ESR Version31.4
Mozilla ≫ Firefox ESR Version31.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.09% | 0.838 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|