PT-2015-2175 · Mozilla+3 · Firefox+3
Jeff Walden +1
Published: 2015-09-22 · Updated: 2024-12-12
CVE-2015-4516
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Mozilla Firefox versions prior to 41.0
Description
The issue allows remote attackers to bypass certain ECMAScript 5 (ES5) API protection mechanisms and modify immutable properties, which can lead to the execution of arbitrary JavaScript code with chrome privileges. This can be achieved through a crafted web page that does not utilize ES5 APIs. The estimated number of potentially affected devices and details about real-world incidents where this issue was exploited are not provided.
Recommendations
For versions prior to 41.0, update to version 41.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the ECMAScript 5 API until a patch is applied. Avoid using crafted web pages that do not utilize ES5 APIs to minimize the risk of exploitation.
Exploit
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Firefox
Suse
Ubuntu