|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
A CRITICAL Firefox Vuln - Violation and local file stealing via PDF reader
Official link :
Quote:
Quote:
If you do not update your Firefox browser to the latest version (39.0.3 as of now) AND if you open a malicious PDF file from some website in the embedded PDF Viewer, then it allows attackers to read and write files on local machine as well as upload them to a remote server. ALL of us can be affected by this. Please update your browsers to the latest version. |
#2
|
||||
|
||||
or reverse? if last is vulnerable and previous not?
|
#3
|
|||
|
|||
Sorry, I cannot really understand what you mean...
In case, you were trying to say that maybe the newer versions would have worse vulns, then maybe you are right... But the fact remains that it is CONFIRMED that the earlier version of thr Firefox are vulnerable and that the FIX is only provided fo rthe v39.0.3 ! However, for anyone who thinks that the above post of mine is not really meant to be in a RE forum : Many of us use Firefox Browser, and this particular vuln is something really CRITICAL, as we open PDF files all the time on the web. Sometimes the PDFs open even without specifically asking us... So in those cases, we would not want the "bad guys" to access local files on our computer and even upload them elsewhere ! Thats why had posted this, as this applies to nearly all of us ! |
#4
|
|||
|
|||
FF 40 already baked
|
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Need help in exploiting a kernel vuln | SinaDiR | General Discussion | 0 | 01-10-2011 23:21 |
Another vuln, this time its PEiD. | ghalen | General Discussion | 8 | 01-31-2005 19:46 |
vBulletin 3.0.3 exploited, critical update | SOLAR | General Discussion | 1 | 01-10-2005 02:51 |