Privilege Escalation and Denial of Service Vulnerability in Mozilla Firefox Updater

Privilege Escalation and Denial of Service Vulnerability in Mozilla Firefox Updater

CVE-2015-4482 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows local users to gain privileges or cause a denial of service (out-of-bounds write) via a crafted name of a Mozilla Archive (aka MAR) file.

Learn more about our Cis Benchmark Audit For Mozilla Firefox.