|
A CRITICAL Firefox Vuln - Violation and local file stealing via PDF reader
Official link :
Quote:
Quote:
If you do not update your Firefox browser to the latest version (39.0.3 as of now) AND if you open a malicious PDF file from some website in the embedded PDF Viewer, then it allows attackers to read and write files on local machine as well as upload them to a remote server. ALL of us can be affected by this. Please update your browsers to the latest version. |
or reverse? if last is vulnerable and previous not?
|
Quote:
In case, you were trying to say that maybe the newer versions would have worse vulns, then maybe you are right... But the fact remains that it is CONFIRMED that the earlier version of thr Firefox are vulnerable and that the FIX is only provided fo rthe v39.0.3 ! However, for anyone who thinks that the above post of mine is not really meant to be in a RE forum : Many of us use Firefox Browser, and this particular vuln is something really CRITICAL, as we open PDF files all the time on the web. Sometimes the PDFs open even without specifically asking us... So in those cases, we would not want the "bad guys" to access local files on our computer and even upload them elsewhere ! Thats why had posted this, as this applies to nearly all of us ! |
FF 40 already baked :)
|
| All times are GMT +8. The time now is 11:43. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX