JavaScript Object Transition Vulnerability in Mozilla Firefox

JavaScript Object Transition Vulnerability in Mozilla Firefox

CVE-2015-0820 · LOW Severity

AV:N/AC:H/AU:N/C:N/I:P/A:N

Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.

Learn more about our Web App Pen Testing.