CVE-2015-0802

Firefox PDF.js Privileged Javascript Injection

Title source: metasploit
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2015-0802. PoCs published by Metasploit, Unknown, Marius Mlynski, joev, joev, including Metasploit module exploits/multi/browser/firefox_pdfjs_privilege_escalation.

AI-analyzed exploit summary This Metasploit module exploits a privilege escalation vulnerability in Firefox 35-36 by abusing resource:// URIs and PDF.js to inject privileged JavaScript, leading to remote code execution. The exploit requires user interaction (clicking on the page) to trigger the vulnerability.

Description

Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of a privileged window with an unintended persistence of access to restricted internal methods.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotemultiple
https://www.exploit-db.com/exploits/37958

This Metasploit module exploits a privilege escalation vulnerability in Firefox 35-36 by abusing resource:// URIs and PDF.js to inject privileged JavaScript, leading to remote code execution. The exploit requires user interaction (clicking on the page) to trigger the vulnerability.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Complex
Reliability
Reliable
Target: Mozilla Firefox 35-36
No auth needed
Prerequisites: User interaction (clicking on the page) · Firefox version 35-36
devstral-2 · analyzed Feb 18, 2026 Full analysis →
metasploit WORKING POC MANUAL
by Unknown, Marius Mlynski, joev · rubypocfirefox
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/firefox_pdfjs_privilege_escalation.rb

This Metasploit module exploits CVE-2015-0802, a privilege escalation vulnerability in Firefox 35-36, by injecting privileged JavaScript via PDF.js and abusing resource:// URIs to achieve remote code execution. The exploit requires user interaction (clicking on the page) to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Mozilla Firefox 35-36
No auth needed
Prerequisites: Victim must be using Firefox 35-36 · User interaction (click) required
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC MANUAL
by joev · rubypocfirefox
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/firefox_proxy_prototype.rb

This Metasploit module exploits a privilege escalation vulnerability in Firefox 31-34 by abusing a bug in the XPConnect component to gain access to the privileged chrome:// window, leading to remote code execution. The exploit requires user interaction (clicking on the page) to trigger the vulnerability.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Mozilla Firefox 31-34
No auth needed
Prerequisites: User interaction (clicking on the page) · Target using Firefox 31-34
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201512-10
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/37958/
Issue Tracking x_refsource_confirm
https://bugzilla.mozilla.org/show_bug.cgi?id=1124898
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031996
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2550-1

Scores

EPSS 0.6746
EPSS Percentile 99.2%

Details

CWE
CWE-264
Status published
Products (6)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 14.10
mozilla/firefox < 36.0.4
opensuse/opensuse 13.1
opensuse/opensuse 13.2
Published Apr 01, 2015
Tracked Since Feb 18, 2026