CVE-2015-4481: Race Condition

First published: Sun Aug 16 2015(Updated: )

Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file during an update.

Credit: security@mozilla.org security@mozilla.org

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/weakness
• agent/severity
• agent/author
• agent/references
• agent/description
• collector/nvd-index
• agent/software-canonical-lookup-request
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• agent/last-modified-date
• agent/tags
• agent/event
• agent/first-publish-date
• collector/nvd-api
• source/NVD
• agent/software-canonical-lookup
• vendor/mozilla
• canonical/mozilla firefox
• version/mozilla firefox/39.0.3
• canonical/mozilla firefox esr
• version/mozilla firefox esr/38.0
• version/mozilla firefox esr/38.0.1
• version/mozilla firefox esr/38.0.5
• version/mozilla firefox esr/38.1.0
• vendor/microsoft
• canonical/microsoft windows
• vendor/opensuse
• canonical/opensuse opensuse
• version/opensuse opensuse/13.1
• version/opensuse opensuse/13.2
• vendor/oracle
• canonical/oracle solaris
• version/oracle solaris/11.3
• version/mozilla firefox/38.0
• version/mozilla firefox/38.0.1
• version/mozilla firefox/38.0.5
• version/mozilla firefox/38.1.0