Firefox exploit found in the wild: Same origin violation and local file stealing via PDF reader

On Windows the exploit looked for subversion, s3browser, and Filezilla configurations files, .purple and Psi+ account information, and site configuration files from eight different popular FTP clients. On Linux the exploit goes after the usual global configuration files like /etc/passwd, and then in all the user directories it can access it looks for .bash_history, .mysql_history, .pgsql_history, .ssh configuration files and keys, configuration files for remina

https://blog.mozilla.org

Advisory Information

Mozilla Foundation Security Advisory 2015-78

Title: Same origin violation and local file stealing via PDF reader
Impact: Critical
Fixed in: Firefox 39.0.3 and Firefox ESR 38.1.1

Security researcher Cody Crews reported on a way to violate the same origin policy and inject script into a non-privileged part of the built-in PDF Viewer. This would allow an attacker to read and steal sensitive local files on the victim's computer.

Mozilla has received reports that an exploit based on this vulnerability has been found in the wild.

No related links added yet. Be the first!

Add Related Link

Join the Discussion

Auto Tier
All
1
2
3

Post Comment

Welcome to our invite-only web community!

Thank you

Help spread the word about Snapzu:

Firefox exploit found in the wild: Same origin violation and local file stealing via PDF reader

Advisory Information

Join the Discussion

Here are some other snaps you may like...

Check out our front page for a lot more stuff!

Firefox Under Fire: Anatomy of latest 0-day attack

Firefox 46.0 Released

Firefox 41 integrates WebRTC messaging app as it fights for relevance

Why I switched back to Firefox

Happy 11th birthday, Mozilla Firefox!