CVE-2015-4490

Published: Aug 16, 2015Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 does not implement the Content Security Policy Level 2 exceptions for the blob, data, and filesystem URL schemes during wildcard source-expression matching, which might make it easier for remote attackers to conduct cross-site scripting (XSS) attacks by leveraging unexpected policy-enforcement behavior.

Affected (7)

Products: Mozilla: Firefox · Canonical: Ubuntu Linux · Opensuse: Opensuse · +1 more

Show all products

Mozilla: Firefox · Canonical: Ubuntu Linux · Opensuse: Opensuse · Oracle: Solaris

1 product

1 product

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	Up to 39.0.3

Configuration B

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 12.04
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 15.04
Opensuse Opensuse	Version 13.1
Opensuse Opensuse	Version 13.2

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Oracle Solaris	Version 11.3

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (20)

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html

Source: security@mozilla.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html

Source: security@mozilla.org

Third Party Advisory

http://www.mozilla.org/security/announce/2015/mfsa2015-91.html

Source: security@mozilla.org

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: security@mozilla.org

Third Party Advisory

http://www.securitytracker.com/id/1033247

Source: security@mozilla.org

http://www.ubuntu.com/usn/USN-2702-1

Source: security@mozilla.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-2702-2

Source: security@mozilla.org

Third Party Advisory

http://www.ubuntu.com/usn/USN-2702-3

Source: security@mozilla.org

https://bugzilla.mozilla.org/show_bug.cgi?id=1086999

Source: security@mozilla.org

Issue Tracking

https://security.gentoo.org/glsa/201605-06

Source: security@mozilla.org

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00014.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00015.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.mozilla.org/security/announce/2015/mfsa2015-91.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.securitytracker.com/id/1033247

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-2702-1

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-2702-2

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.ubuntu.com/usn/USN-2702-3

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.mozilla.org/show_bug.cgi?id=1086999

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

https://security.gentoo.org/glsa/201605-06

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.