CVE-2015-0802 (retired)

Priority
Description
Mozilla Firefox before 37.0 relies on docshell type information instead of
page principal information for Window.webidl access control, which might
allow remote attackers to execute arbitrary JavaScript code with chrome
privileges via certain content navigation that leverages the reachability
of a privileged window with an unintended persistence of access to
restricted internal methods.
Assigned-to
chrisccoulson
Package
Upstream:released (37.0)
Ubuntu 14.04 LTS (Trusty Tahr):released (37.0+build2-0ubuntu0.14.04.1)
More Information

Updated: 2019-03-26 12:14:21 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)