This Metasploit module abuses an XSS vulnerability in versions prior to Firefox 39.0.3, Firefox ESR 38.1.1, and Firefox OS 2.2 that allows arbitrary files to be stolen. The vulnerability occurs in the PDF.js component, which uses Javascript to render a PDF inside a frame with privileges to read local files. The in-the-wild malicious payloads searched for sensitive files on Windows, Linux, and OSX. Android versions are reported to be unaffected, as they do not use the Mozilla PDF viewer.
51c57f3920e9435bf62bbd93f1635f5a4935408c0f9db23d25b25d8babebaaeeProof of concept exploit that demonstrates how an attacker can bypass same-origin policy on Firefox and inject javascript into the built-in pdf reader.
e9d69781f8e3c5ddf17e4c6610f59bfd7290858f88e48f49405648523cc14a3dRed Hat Security Advisory 2015-1581-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was discovered in Mozilla Firefox that could be used to violate the same-origin policy and inject web script into a non-privileged part of the built-in PDF file viewer. An attacker could create a malicious web page that, when viewed by a victim, could steal arbitrary files from the system running Firefox.
e0a232b17807350fc652a6b60a215e791b1a23fd269eedd3d1b9d511f297c55bUbuntu Security Notice 2707-1 - Cody Crews discovered a way to violate the same-origin policy to inject script in to a non-privileged part of the PDF viewer. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to read sensitive information from local files.
454aadcc72ab27356bc6097291844b21c35e99f121004be9079deac843860748
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed