JavaScript Object Transition Vulnerability in Mozilla Firefox
CVE-2015-0820 · LOW Severity
AV:N/AC:H/AU:N/C:N/I:P/A:N
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web site.
Learn more about our Web App Pen Testing.